The ability to have temporary URLs is something that has been requested for quite some time. Since Cloud Files runs on openstack swift, we get some of the new features available, such as temporary URLs. This will allow you to create temporary URLs so your end users can consume your product, while having it expire after a few days, or minutes, so it isn’t possible to share the link, limiting unauthorized downloads.

Keep in mind, this isn’t officially supported by Rackspace yet, so you’re on your own for it, however it does work and you can start taking advantage of it now. Read on after the jump for the how-to.

The first thing we need(Aside of an account), is the API key.

You can locate this in your control panel under ‘Your Account’, if you’re using Cloud Files, you more then likely already have this. Once you have your API key, we need to create authenticate and create/set our key.

Let’s go ahead and authenticate first:

$ curl -I -X GET -H X-Auth-User:USER -H X-Auth-Key:APIKEY
HTTP/1.1 204 No Content
Server: Apache/2.2.3 (Red Hat)
vary: X-Auth-Token,X-Auth-Key,X-Storage-User,X-Storage-Pass
Cache-Control: s-maxage=5028
Content-Type: text/xml
Date: Mon, 16 Apr 2012 18:41:46 GMT
X-Auth-Token: ~
X-Storage-Token: ~
Connection: Keep-Alive
Content-Length: 0

Next, let’s go ahead and make a key. It can be whatever you want (Alphanumeric) within the limitations of the header length, however I recommend just echoing out some text and making an md5 or sha of it.

$ echo -n "Random text so I can make my key with it and such" | md5sum
7acc0fe42358c0232053b3fc7254609c  -

Once we have this, we can go ahead and set it on our account:

$ curl -i -X POST -H X-Auth-Token:~token -H X-Account-Meta-Temp-URL-Key:7acc0fe42358c0232053b3fc7254609c
HTTP/1.1 204 No Content
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Trans-Id: txd69ae1123b4d4f8c82ab1a38bfb3a499
Date: Mon, 16 Apr 2012 19:02:22 GMT

A few notes about your key, if you change it, it will invalidate every URL you have generated after about a minute (Due to caching), additionally, you can check it by issuing a HEAD against your account, so you won’t have to invalidate all your old URLS if you forget it –

$ curl -I -H X-Auth-Token:TOKEN
HTTP/1.1 204 No Content
X-Account-Object-Count: 52
X-Account-Meta-Temp-Url-Key: 7acc0fe42358c0232053b3fc7254609c
X-Account-Bytes-Used: 61839518344
X-Account-Container-Count: 2
Accept-Ranges: bytes
Content-Length: 0
X-Trans-Id: txa90bbf3e259443d5bd4c312adddc1767
Date: Mon, 16 Apr 2012 19:31:12 GMT

After you’ve set up your key on your account, we can go ahead and generate the URL using a python script:

import hmac
from hashlib import sha1
from time import time
method = 'GET'
expires = int(time() + TIME FROM NOW TO EXPIRE, IN SECONDS)
base = 'BASEURL'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig =, hmac_body, sha1).hexdigest()
print '%s%s?temp_url_sig=%s&temp_url_expires=%s' % (base, path, sig, expires)

For comparison, here is what mine looked like:

import hmac
from hashlib import sha1
from time import time
method = 'GET'
expires = int(time() + 600)
base = ''
path = '/v1/MossoCloudFS_d58d266b-3601-4d95-8e96-2063c9caef48/test/test.txt'
key = '7acc0fe42358c0232053b3fc7254609c'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig =, hmac_body, sha1).hexdigest()
print '%s%s?temp_url_sig=%s&temp_url_expires=%s' % (base, path, sig, expires)

Now that we have the script made, we can generate our URL and give it to end users:

$ python

$ curl -I ""
HTTP/1.1 200 OK
Last-Modified: Fri, 18 Nov 2011 23:32:41 GMT
Accept-Ranges: bytes
Etag: 8d777f385d3dfec8815d20f7496026dc
Content-Type: text/plain
Content-Length: 4
X-Trans-Id: txf8297b7c83d44a85bcb9d28c7141ca08
Date: Mon, 16 Apr 2012 19:03:41 GMT

Again, this exists in the Swift implementation for Rackspace Cloud, however it is not officially supported yet. If you have issues, you’re pretty much on your own. However it seems to work fine, and it will probably be in the documentation soon and officially supported, so you can start utilizing it now!

« »