Authentication methods in Selectel products
Authentication is required when working with Selectel products:
- through the control panel;
- with APIs and tools.
Authentication in the control panel
Two independent factors are used to enter the control panel:
- The first factor is the user's e-mail address and password;
- The second factor is a two-step authentication code, which can be obtained from the list of backup codes, from the authenticator application, by SMS or e-mail.
Two-step authentication is enabled by default for all users. If you are an Account Owner, you can disable two-step authentication for yourself and use only the first factor to log in. Other users cannot disable two-step authentication - they can only choose to receive the second factor.
Authentication for APIs and tools
Selectel products can be used to authenticate requests to the API, depending on the API and user type:
- IAM-token (X-Auth-Token) for an account or project - generated on demand at the time of authentication, has a limited lifetime and is supported in the API of most Selectel products;
- or static token (X-Token, API key) - has no lifetime limit and is designed to work with APIs that do not yet support IAM token.
To see which tokens are supported for each API and how to issue a token, see the API Documentation Request Authentication instructions. If the API supports both an IAM token and a static token, we recommend using an IAM token.
In some cases, you can use for authentication when accessing third-party APIs and when using automation tools:
- S3 key (EC2 key) - Access Key and Secret Key value pair, used to sign requests when working with AWS-based products: S3 and Log Service . You can add an S3 key to yourself or give it to another user;
- or service user name and password - are used to manage OpenStack and Terraform resources. To create them, use the Add Service User subsection of the Add User instructions.