Cloud origin authentication
Cloud origin providers host your applications and infrastructure, and offer different methods of securing your content. These methods often include authenticating origin requests before accepting them.
When sending a non-anonymous request to a cloud provider, you need to sign the request so that the cloud provider can establish the identity of a requesting client. You sign your requests with an access key supplied by your cloud provider which consists of an access key identifier and a secret access key.
For security reasons, cloud providers use HMAC signatures to authenticate
client requests. An HMAC signature is a keyed-hash message code calculated with
a supplied secret key. Combined, the access key identifier and HMAC signature are passed
in the HTTP
Authorization header of a request.
Routing origin requests
You can now use the Akamai Intelligent Edge Platform to route requests to the origin directly to your cloud provider. This can save costs, prevent choked bandwidth, and avoid saturation of your origin during peak times.
With Cloud Access Manager managing your access keys and letting you sign Akamai requests, you can tunnel traffic to your cloud provider instead of proxying through the origin. At runtime, edge servers inject cloud origin authentication on the forward origin path and deny direct origin requests without proper authentication.