Identity Authentication and Access Control
Identity Authentication
You can use OCR services through the console, APIs, or SDKs. Essentially, access requests are sent through OCR RESTful APIs.
You can use either of the following authentication methods to call OCR APIs:
- Token authentication: Requests are authenticated using a token.
- AK/SK-based authentication. Requests are encrypted using access key ID (AK)/secret access key (SK). An authenticated request must contain a signature value. The signature value is calculated based on the requestor's access key (AK/SK) as the encryption factor and the specific information carried in the request body. OCR supports authentication using an access key (AK/SK pair). It uses AK/SK-based encryption to authenticate requests. For details about access keys and how to obtain them, see Authentication.
Access Control
OCR supports access control through permissions (IAM permissions).
|
Method |
Description |
|
|---|---|---|
|
Permission Control |
IAM permissions |
IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources. After an IAM user is created, the administrator adds it to a user group. The administrator can grant the user group required OCR access permissions and all users in this group then inherit the granted permissions. |
|
Agency authorization |
To use data stored on OBS, you can authorize OCR to access OBS. |
|
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
