18.5. Working with Unified File and Object Storage

This section describes the REST API for administering and managing Object Storage. All requests will be directed to the host and URL described in the X-Storage-URL HTTP header obtained during successful authentication.

18.5.1. Configuring Authenticated Access

Authentication is the process of proving identity to the system. To use the REST interface, you must obtain an authorization token using GET method and supply it with v1.0 as the path.
Each REST request against the Object Storage system requires the addition of a specific authorization token HTTP x-header, defined as X-Auth-Token. The storage URL and authentication token are returned in the headers of the response.
  • To authenticate, run the following command:
    GET auth/v1.0 HTTP/1.1
    Host: <auth URL>
    X-Auth-User: <account name>:<user name>
    X-Auth-Key: <user-Password>
    For example,
    GET auth/v1.0 HTTP/1.1
    Host: auth.example.com
    X-Auth-User: test:tester
    X-Auth-Key: testing
    HTTP/1.1 200 OK
    X-Storage-Url: https:/example.storage.com:443/v1/AUTH_test
    X-Storage-Token: AUTH_tkde3ad38b087b49bbbac0494f7600a554
    X-Auth-Token: AUTH_tkde3ad38b087b49bbbac0494f7600a554
    Content-Length: 0
    Date: Wed, 10 jul 2011 06:11:51 GMT
    To authenticate access using cURL (for the above example), run the following command:
    curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass:testing' -k
    The X-Auth-Url has to be parsed and used in the connection and request line of all subsequent requests to the server. In the example output, users connecting to server will send most container/object requests with a host header of example.storage.com and the request line's version and account as v1/AUTH_test.


By default, the authentication tokens are valid for a 24 hour period. However, you can configure the validity of authentication token.