tencent cloud

Feedback

Remote Authentication

Last updated: 2024-03-13 10:34:54

    Remote Authentication

    Note:
    Remote Authentication is only available to users who used the Remote Authentication feature before November 8, 2023. If this feature is not visible on the console, you can go to the EdgeOne access point.

    Overview

    To prevent unauthorized access, Tencent Cloud supports remote authentication in addition to advanced timestamp authentication at the CDN edge.
    The following describes how remote authentication works:
    
    
    
    1. The end user initiates a request.
    2. CDN forwards the request to the remote authentication server.
    3. The authentication server returns a status code as the authentication result.
    4. The CDN node responds to the requester according to the return code.
    Note:
    When the return code is 200/206/304, the authentication succeeded. For a successful authentication, the request is allowed with 200 returned; for an authentication failure, it is blocked with 403 returned.
    For now, only synchronized remote authentication is supported, which means that CDN responds after receiving the authentication result from the remote authentication server.
    Note that remote authentication is NOT supported in some regions outside the Chinese mainland.
    Remote authentication is not available for audio and video resources

    Directions

    Log in to the CDN console, select Domain Management on the left sidebar. Click Manage on the right of the domain name to enter its configuration page. Configure remote authentication on the Access Control tab.
    Server Address: enter an HTTP/HTTPS domain name or an IP address.
    Request Method: select a request method. You can choose to follow client request or specify a request method (GET/POST/HEAD).
    File Type: set the authentication scope. You can choose All content/Specified File Extension/Specified File.
    Timeout Period: set the amount of response timeout period for the remote authentication server. The maximum value is 30,000 ms.
    Timeout Action: the action taken after the response timed out. The default value is Allow.
    
    
    

    Sample

    Assume the acceleration domain name is www.example.com and its remote authentication is configured as follows:
    Server Address: www.remoteauth.com
    Request Method: Follow client request
    File Type: All content
    Timeout Period: 1,500 ms
    Timeout Action: Block
    CDN will respond to the user request as follows:
    1. The user initiates a GET request: http://www.example.com/v001/test.txt?token=Gf6Gq04ymjdSTXusvTmh8yalO82YsuKUQb63ToXOFc&e=1467565695283&sign=854124740723b575a7cfa4fc40f0be30
    2. CDN receives the request and forwards it to the remote authentication server: http://www.remoteauth.com/v001/test.txt?token=Gf6Gq04ymjdSTXusvTmh8yalO82YsuKUQb63ToXOFc&e=1467565695283&sign=854124740723b575a7cfa4fc40f0be30
    3. The remote authentication server returns a status code.
    4. CDN responds normally with 200 if the returned status code is 200 (i.e., the authentication passed).
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support