How to use the API

Before you start

To use the API:

  1. Create a service account.
  2. Assign a role to a service account.
  3. Create a static access key.

To access the HTTP API directly, you need static key authentication, which is supported by the tools listed in Supported tools.

For a list of supported Amazon S3 HTTP API methods, see the API reference.

General API request format

{GET|HEAD|PUT|DELETE} /<bucket>/<key> HTTP/1.1
Content-Length: length
Date: date
Authorization: authorization string (AWS Signature Version 4)


The name of the bucket can be specified as part of the host name. In this case, the request looks like:

Host: <bucket>

The set of headers depends on the specific request and is described in the documentation for the corresponding request.

If you use the API directly (without an SDK or apps), you need to generate the Authorization header yourself for authenticating requests. Find out how to do this in the Amazon S3 documentation: Authenticating Requests (AWS Signature Version 4).

Request URL

URLs can taken one of the following forms:

  • https://<bucket><key>?<parameters>

CORS requests

Cross-domain requests are available for all API methods used for object management.

To check permissions, CORS sends the options preflight request to a resource. Object Storage allows you to skip the preflight request when sending cross-domain requests to resources. In this case, your request headers must be the same as those in the preflight request.