---
title: "Authentication With Wasabi S3 API"
slug: "authentication-with-s3-api"
updated: 2025-09-04T13:45:46Z
published: 2025-09-04T13:45:46Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.wasabi.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication With Wasabi S3 API

- Wasabi S3 supports both HTTP and HTTPS connections, so you can choose the right option for your environment.
- Authentication of calls will be through the Authorization HTTP header. The caller must use both the access and secret keys provided by Wasabi as the Authorization header value: <ACCESS_KEY>:<SECRET_KEY>.
  - You can find, generate, and rotate access keys within the Wasabi Console [Access Keys](https://docs.wasabi.com/docs/access-keys-1)****feature.
  - Keys from a Root account provide full administrative access, including billing, without additional policies. Sub-user keys, however, require attached policies to define their level of access (such as storage or billing permissions).
  - Keep the keys safe and protected. Use them only in trusted server-to-server communications. Do not put the keys in any untrusted environments (such as browser-side JavaScript) or otherwise expose them to unauthorized personnel.

To better control Wasabi S3 API access, Wasabi provides the following policies:

- AmazonS3FullAccess
- AmzonS3ReadOnly