TheKoguryo's Tech Blog

 Version 2024-11-29

Warning

This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.

7.3 Object Permission Management - Pre-Authenticated Requests

Pre-Authenticated Requests is a function that allows users to access buckets or objects without authentication. It is created as a temporary shared link that allows you to access the Bucket or Object without authentication until the specified period. This shared link will make it accessible to any user.

Access to Object URL

  1. In the Object Details screen, check the URL path of the object.

    image-20220112153023718

  2. If you access the verified URL path with a browser, the following error occurs.

    image-20220112154321847

Setting Pre-Authenticated Requests on Object

  1. Click Create Pre-Authenticated Request from the action menu on the right side of the object.

    image-20220112154519136

  2. This is the Create Pre-Authenticated Request setting screen.

    • Target: You can select a target based on Bucket, Object, or Prefix. In this case, it is Object.

    • Access Type: You can set permissions for read and write.

    • Expiration: You can set the expiry period. The default is one week.

      After setting, click Create Pre-Authenticated Request below.

      image-20220112155023915

  3. Copy the created PAR share link.

    image-20220112155108789

  4. Access the PAR share link with your browser. It is accessed fine without authentication as shown in the picture.

    image-20220112155203572

Deleting Pre-Authenticated Requests

  1. Select Pre-Authenticated Requests from the Resources menu on the left side of the Bucket detail screen. Then, the currently created PAR list is displayed as shown in the figure. Select the right action menu of the PAR to be deleted and click Delete.

    image-20220112155442766

  2. After confirming the confirmation message, click OK.

  3. After the PAR is deleted, access the previously accessed PAR shared link again. As shown in the picture, it is no longer accessible.

    image-20220112155558644

Setting up Pre-Authenticated Requests on Bucket

  1. Bucket can also create a PAR shared link in the same way.

    • Enable Object Listing: It is recommended to additionally enable the function to get a list when accessing the API.

      image-20220112155844976

  2. If Enable Object Listing is enabled, when you access the Bucket PAR shared link, the resulting list is displayed as a JSON message as shown below. Access to individual objects is possible with SDK or API. So, let’s skip this part for now.

    image-20220112160148229

  3. Create a pre-authentication link for Prefix in the same way.



As an individual, this article was written with my personal time. There may be errors in the content of the article, and the opinions in the article are personal opinions.

Last updated on 12 Jan 2022