POST object upload authentication

Content Platform Tenant Management Help

Version
9.7.x
File Size
4269 KB
Audience
anonymous
Part Number
MK-95HCPH002-19

A POST object upload request can be authenticated in these ways:

Header authentication
The header can include AWS Signature Version 2 authorization information. Header authentication supports only AWS local user account credentials. Use a header with a value in the format Authorization: AWS all_users: for anonymous access, or Authorization: AWS access-key:signature for authenticated access.
Note: Active Directory, SPNEGO, cookie, and HCP authentication are not supported.
In-form authentication
The POST form can contain authentication-related fields. In-form authentication supports only AWS local user account credentials. All authorization-related form fields must be presented for in-form authentication to succeed. If both V2 and V4 authentication form fields are presented, V2 authentication information is used.
Security policy validation
A policy is included in the request. Required if in-form authentication is used. If the policy is missing, HCP returns a status of 400.

For a namespace that does not permit anonymous access (that is, a non-public bucket), either header or in-form authentication is required. (Both can be provided.)