Help Center> Object Storage Service> Developer Guide> Creating Requests> Obtaining Permanent Access Keys (AK and SK)
View PDF

Obtaining Permanent Access Keys (AK and SK)

OBS provides a set of REST API operations. You can develop your own applications to access OBS by using the software development kits (SDKs) or the REST API provided by OBS. It is strongly recommended that the SDK be used to complete client interconnection development, which simplifies client software implementation and provides better interface compatibility and stability.

The REST API of OBS supports both authenticated requests and anonymous requests. Anonymous requests are typically used only for scenarios that require public access, such as static website hosting. In most scenarios, authenticated requests can successfully access OBS resources. An authenticated request must contain a signature value. The signature value is calculated based on the requestor's access key as the encryption factor and the specific information carried in the request body. The process of calculating the signature is included in the SDK. You only need to set the access key in the SDK initialization phase. The signature calculation is implemented automatically. However, if the client uses the REST API to develop a program to access OBS, the client needs to calculate the signature based on the signature algorithm defined by the OBS and add the signature to the request.

In public cloud services, users are managed in a unified manner. Register an account on IAM and create a pair of access keys. The following is an example of a pair of access keys:
  • AK: indicates the ID of the access key. It is the unique ID associated with a secret access key. The AK and SK are together used to obtain an encrypted signature for a request. Format example: HCY8BGCN1YM5ZWYOK1MH
  • SK: indicates the secret access key used together with the access key ID to sign requests. AK and SK can be used together to identify a request sender to prevent the request from being modified. Format example: 9zYwf1uabSQY0JTnFqbUqG7vcfqYBaTdXde2GUcq

The AK uniquely identifies an IAM user of the public cloud. The OBS determines the identity of the user based on the AK and checks the permission.

For details about how to obtain the permanent access key, see Creating Access Keys (AKs and SKs).

Parent topic: Creating Requests