1. <ProductName> REST APIREST API for Identity in Oracle Cloud Infrastructure Object Storage Classic
  2. Authentication

Authentication

To request an authentication token, send a GET request to the authentication URL for your account.

To obtain the authentication URL for your account:
  1. Sign in to the Oracle Cloud My Services application.

    The My Services dashboard is displayed. It lists the services that are assigned to your account.

  2. Look for Oracle Cloud Infrastructure Object Storage Classic.
  3. Select View Details from the Actions menu. Alternatively, click the Oracle Cloud Infrastructure Object Storage Classic link on the Dashboard page.

    On the resulting page, the details of your Oracle Cloud Infrastructure Object Storage Classic instance are displayed.

    • If your account was created after April 2017, then note the authentication URL that is displayed in the Auth V1 Endpoint field under the Additional Information section.

      For example: https://foo.storage.oraclecloud.com/auth/v1.0

    • If your account was created before April 2017, then you must construct the authentication URL:

      1. Note the REST Endpoint URL, which is displayed in the REST Endpoint field under the Additional Information section.

        For example: https://foo.storage.oraclecloud.com/v1/myservice-bar

      2. Delete the following portion of the REST Endpoint URL:

        v1/myservice-bar

        The edited URL is: https://foo.storage.oraclecloud.com/

      3. Append the following to the edited URL:

        auth/v1.0

        Assuming that the REST endpoint URL for your account is https://foo.storage.oraclecloud.com/v1/myservice-bar, the equivalent authentication URL would be https://foo.storage.oraclecloud.com/auth/v1.0.

When you send the GET request to the authentication URL that you just constructed, include the user credentials in the following headers:

  • X-Storage-User

    Syntax for metered and non-metered subscriptions: X-Storage-User: serviceInstanceID:userName

    Say the REST API endpoint URL for your service instance is https://foo.storage.oraclecloud.com/v1/myservice-bar.

    In the above example:

    • The service name would be myservice

    • The service instance ID would be myservice-bar

    • foo and bar can be the same or different values, and can include one or more hyphens

  • X-Storage-Pass: password

You can find out your user name, password, and identity domain from the New Account Information email that you received from Oracle Cloud when your account was set up.

If you don't have your New Account Information email, ask your account administrator for your Oracle Cloud user name, password, and identity domain.

If your user credentials are not authenticated, the service returns an HTTP response with a status code of 401 and no authentication token is returned.

If the credentials are authenticated, the service either returns the currently active authentication token or generates a new authenticate token. Authentication tokens are returned as the value of the HTTP header X-Auth-Token in the HTTP response. Requesting an authentication token with credentials that already have an active authentication token will not extend the expiration time of the existing authentication token.

Here's an example of a cURL command for requesting an authentication token:

curl -v -X GET \
     -H "X-Storage-User: myservice-bar:myUsername" \
     -H "X-Storage-Pass: myPassword" \
     https://foo.storage.oraclecloud.com/auth/v1.0

The following is an example of the output of this command:

> GET /auth/v1.0 HTTP/1.1
> Host: foo.storage.oraclecloud.com
> Accept: */*
> X-Storage-User: myservice-bar:myUsername
> X-Storage-Pass: myPassword

< HTTP/1.1 200 OK
< X-Storage-Url: https://foo.storage.oraclecloud.com/v1/myservice-bar
< X-Storage-Token: AUTH_tk209f7f2ea1265a0d3f29d28a2dc8ced6
< X-Auth-Token: AUTH_tk209f7f2ea1265a0d3f29d28a2dc8ced6
< X-Trans-Id: txba4aa8f776164c33b7aa587554c29fb6
< Content-Length: 0
< Cache-Control: no-cache
< Pragma: no-cache
< Content-Type: text/plain
< Content-Language: en

To use your authentication token, include it as the value of the X-Auth-Token HTTP header in every HTTP request to the service instance. If your authentication token is not valid, or has expired, the service returns an HTTP response with the status code 401 and the requested operation will fail. If the authentication token has expired, you must request a new token. If you are reading publicly accessible objects, you do not need to provide an authentication token in your HTTP request; anonymously accessible objects do not need an authentication token.

Here's an example of a cURL command for storing an object in an account using an authentication token:

curl -v -X PUT \
     -H "X-Auth-Token: AUTH_tk209f7f2ea1265a0d3f29d28a2dc8ced6" \
     -d "Hello, World!" \
     https://foo.storage.oraclecloud.com/v1/myservice-bar-23/myContainer/myObject

The following is an example of the output of this command:

> PUT /v1/myservice-bar-23/myContainer/myObject HTTP/1.1
> Host: foo.storage.oraclecloud.com
> Accept: */*
> X-Auth-Token: AUTH_tk209f7f2ea1265a0d3f29d28a2dc8ced6
> Content-Length: 13
> Content-Type: application/x-www-form-urlencoded

< HTTP/1.1 201 Created
< Content-Length: 0
< Etag: 65a8e27d8879283831b664bd8b7f0ad4
< Content-Type: text/html; charset=UTF-8
< X-Trans-Id: tx287a1a8e33cc45e5a1431817e3e87621
< Cache-Control: no-cache
< Pragma: no-cache
< Content-Language: en