GET'> HEAD'> PUT'> POST'> DELETE'> '> '> ]>

Client authentication is provided via a ReST interface using the &GET; method, with v1.0 supplied as the path. Additionally, two headers are required, X-Auth-User and X-Auth-Key with values for the username and API Access Key respectively. Each ReST request against the OpenStack Object Storage system requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token. Clients obtain this token, along with the Cloud Servers API URL, by first using an authentication service and supplying a valid username and API access key. To authenticate, you must supply your username and API access key in x-headers: Use your OpenStack Object Storage (Swift) username as the username for the API. Place it in the X-Auth-User x-header. Get your API access key from authentication service you chose when installing. You have some options for auth, including tempauth (which is included with Swift), swauth (an auth service for Swift as WSGI middleware that uses Swift itself as a backing store that is provided via download from Github), the OpenStack Identity Service (project named Keystone), or you can use your own authentication system. Place your access key in the X-Auth-Key x-header. When authentication is successful, an HTTP status 204 (No Content) is returned with the X-Storage-Url and X-Auth-Token headers. Any 2xx response is a good response. For example, a 202 response means the request has been accepted. Also, additional X- headers may be returned. These additional headers are related to other Rackspace services and can be ignored. An HTTP status of 401 (Unauthorized) is returned upon authentication failure. All subsequent container/object operations against OpenStack Object Storage should be made against the URI specified in X-Storage-Url and must include the X-Auth-Token header. The X-Storage-Url will need to be parsed and used in the connection and request line of all subsequent requests against Object Storage. In the example response above, users connecting to OpenStack Object Storage would send most container/object requests with a host header of storage.swiftdrive.com and the request line's version and account as /v1/CF_xer7_34. Note that authentication tokens are valid for a 24 hour period for many authentication configurations.

The OpenStack Object Storage API is implemented as a set of ReSTful (Representational State Transfer) web services. All authentication and container/object operations can be performed with standard HTTP calls. See the Representational State Transfer on ReST for more information The following constraints apply to the ReST API's HTTP requests: Maximum number of HTTP headers per request: 90 Maximum length of all HTTP headers: 4096 bytes Maximum length per HTTP request line: 8192 bytes Maximum length of HTTP request: 5 gigabytes Maximum length of container name: 256 bytes Maximum length of object name: 1024 bytes Container and object names must be UTF-8 encoded and then should be properly URL-encoded prior to interacting with the ReST interface. You may be using an API binding that performs the URL-encoding on your behalf. If so, do not URL-encode before calling the API binding otherwise you will double-encode container and object names. The length restrictions should be checked against the URL-encoded string. Each ReST request against the OpenStack Object Storage system requires the inclusion of a specific authorization token HTTP header defined as X-Auth-Token. Clients obtain this token, along with the OpenStack Object Storage URLs, by first using the Authentication service and supplying a valid Username and API Access Key. The ReST service identified with X-Storage-Url is used for managing the data stored in the system. Example operations are creating containers and uploading objects. In the following sections, the purpose of each HTTP method depends upon which service the call is made against. For example, a &PUT; request against X-Storage-Url can be used to create a container or upload an object. The language-specific APIs mask this system separation from the programmer. They simply create a container and mark it public and it handles calling out to the appropriate back-end services using the appropriate ReST API. All requests to authenticate and operate against OpenStack Object Storage are performed using SSL over HTTP (HTTPS) on TCP port 443.