You should review the security measures implemented for the REST API and understand how to secure your system.
Steps
How StorageGRID provides security for the REST API
The StorageGRID system uses Transport Layer Security (TLS) connection security, server authentication, client authentication, and client authorization. When considering security issues, you might find it helpful to understand how the StorageGRID system implements security, authentication, and authorization for the REST API.
Security certificates for client applications
When a client application establishes a TLS session to the StorageGRID system, the system sends a server certificate to the client application for verification to ensure that the HTTPS connection is secure.
Supported hashing and encryption algorithms for TLS libraries
Client applications use the HTTPS protocol to communicate with the StorageGRID system over a network connection that uses Transport Layer Security (TLS). The StorageGRID system supports a limited set of hashing and encryption algorithms from the TLS libraries that client applications can use when establishing a TLS session. When you are setting up the communication processes, it is important for you to know which security algorithms the system uses.