Access and authentication

Content Platform Tenant Management Help

File Size
4269 KB
Part Number

The Hitachi API for Amazon S3 is an HTTP-based API. This means that you use URLs to identify tenants, buckets, and objects. Every S3 compatible request for access to HCP must include the URL for the service point, bucket, or object that’s the target of the request.

With every S3 compatible request, you also need to either provide credentials for the user account you’re using or request anonymous access. If HCP determines that credentials you provide correspond to a valid user account and that the user account has the applicable permissions for the requested operation, you become an authenticated user.

HCP supports three methods of user authentication for the S3 compatible API: Amazon Web Services™ (AWS™), Active Directory (AD), and HCP. With AWS authentication, HCP follows the Amazon S3 method of authenticating users. With AD authentication, HCP authenticates users with AD. With HCP authentication, HCP uses its own standard method. If you’re using the S3 compatible API to develop applications that are compatible with Amazon S3, you should use AWS authentication.

This section of the Help describes the URLs you can use in S3 compatible requests when using AWS or AD authentication. It also explains how to provide credentials or request anonymous access with that authentication method.

  • All the examples of S3 compatible requests in this book assume AWS authentication.
  • To use a recognized Active Directory user account for access to HCP through the S3 compatible API, applications can use AWS authentication with the AD identifier. Alternatively, they can use the SPNEGO protocol to negotiate the AD user authentication themselves.