For authentication purposes you are issued an access key ID (AK) and a secret access key (SK) upon registration in OBS. A request sent to OBS can be authenticated using its Authorization header that contains a signature generated using the SK and request parameters. Before authentication, the names of buckets and objects are URL encoded and then authentication information begins to generate.
OBS supports two authentication modes: V2 authentication and V4 authentication. In OBS however, the recommended authentication mode is V4 as V2 authentication is more susceptible to security breaches. There are three differences between V2 and V4 authentication modes:
- V4 authentication uses the HMAC-SHA256 algorithm to enhance security.
- V4 authentication enables user data to incorporate into signature calculation.
- Users can specify the header that is used for signature calculation in V4 authentication.
V4 authentication is recommended because V2 authentication is more susceptible to security breaches.