Introduction to the S3-Compatible API
- Print
- DarkLight
Introduction to the S3-Compatible API
- Print
- DarkLight
Article Summary
Share feedback
Thanks for sharing your feedback!
The Backblaze B2 Cloud Storage S3-Compatible API implements the most commonly used actions from the Amazon Simple Storage Service (S3) API, and it easily integrates with your existing applications, data management tools, and Amazon S3 gateways.
For more information about the S3-Compatible API and specific how-to guides, click here.
If you are not already a Backblaze B2 user, you can sign up for an account today.
Most applications and scripts use one of the AWS SDKs or the S3 commands in the AWS CLI to access Backblaze B2. All of the SDKs, and the CLI, allow you to override the default Amazon S3 endpoint in favor of Backblaze B2. Sometimes, though, you might want to interact directly with Backblaze B2 via the S3-Compatible API, perhaps in debugging an issue, or just to better understand how the service works. This documentation is the definitive reference for accessing Backblaze B2 directly via the S3-Compatible API.
Prerequisites
If you are familiar with Backblaze, getting started is straightforward:
- Create a Backblaze account.
- Ensure that B2 is enabled on your account.
- Create an application key. You cannot use your master application key with the S3-Compatible API.
- Create a bucket. Note the bucket's Endpoint URL. It has the form
s3.<region>.backblazeb2.com, where <region> is similar tous-west-004. Make a note of the region. At present, unlike Amazon S3, a Backblaze B2 account is associated with a single region. It is not currently possible to create buckets outside of an account's region.
Authentication
The S3-Compatible API supports only v4 signatures for authentication, and v2 signatures are not supported at this time. To learn more about S3 authentication, click here.
Request and Response Formats
Communicate with the API by sending HTTP requests to resource endpoints. The HTTP method determines the action taken.
| DELETE | Use the DELETE method to destroy a resource such as a bucket, object or bucket setting. If it is not found, the operation will return a 4xx error and an appropriate message. |
| GET | To retrieve object data or configuration, use the GET method. Object data is returned in the format it was written; configuration is returned as XML. GET methods are read-only and do not modify any resources. |
| PUT | Use the PUT method to write object data or configuration. Configuration must be formatted as XML according to the schema defined by the Amazon S3 API. |
| POST | Use the POST method with the S3 Delete Object, S3 Complete Multipart Upload, and S3 Create Multipart Upload operations. |
HTTP Response Codes
The API uses standard HTTP response codes to show the outcome of requests. Response codes in the 2xx range indicate success, while codes in the 4xx range indicate a client-side error, such as an authorization failure or a malformed request. 4xx errors return an XML response object explaining the problem as in the following example.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Error>
<Code>NoSuchBucket</Code>
<Message>The specified bucket does not exist: NonExistentBucket</Message>
<Resource>NonExistentBucket</Resource>
</Error>Codes in the 5xx range indicate a server-side problem preventing Backblaze B2 from fulfilling your request, and include JSON diagnostics.
{
"code": "internal_error",
"message": "incident id 2f0e432cc922-9c2c28e96a16711b",
"status": 500
}The following table provides possible response codes and their descriptions.
| 200 | OK The response contains your requested information. |
| 201 | Created Your request was accepted. The resource was created. |
| 202 | Accepted Your request was accepted. The resource was created or updated. |
| 204 | No Content Your request succeeded, there is no additional information returned. |
| 400 | Bad Request Your request was malformed. |
| 401 | Unauthorized You did not supply valid authentication credentials. |
| 403 | Forbidden You are not allowed to perform that action. |
| 404 | Not Found No results were found for your request. |
| 429 | Too Many Requests Your request exceeded the API rate limit. |
| 500 | Internal Server Error We were unable to perform the request due to server-side problems. |
Differences from AWS S3
For the most part, the Backblaze B2 Cloud Storage S3-Compatible API operates identically to Amazon S3. There are, however, some important differences that you should bear in mind with designing applications and solutions.
- Backblaze B2 endpoints are located at
backblazeb2.comrather thanamazonaws.com. Most S3-compatible applications and tools let you customize the S3 endpoint to work with S3-compatible APIs outside of Amazon. - Access control lists (ACLs) are set at the bucket level, and only the canned ACL values "private" and “public-read” are supported. You cannot set complex ACLs via XML. Objects inherit their bucket's ACL. Attempting to set an object's ACL to a different value from its parent results in a
403 Forbiddenerror. - Backblaze B2 features slightly different restrictions on file names and bucket names than Amazon S3.
- Buckets in Backblaze B2 are versioned by default. Because buckets are versioned, when a file is deleted by referencing the name, only the most recent version of that file is deleted and older versions of the file continue to exist in the bucket.
- The API endpoints accept only connections over HTTPS. Non-secure connections are rejected.
- Backblaze B2 supports server-side encryption of data using either Backblaze-managed keys (SSE-B2) or using customer-managed keys (SSE-C). SSE-KMS encryption is not currently supported.
- IAM roles, Object Tagging, Bucket Logging, Website configuration, and Lifecycle Rules are not currently supported.
Authorization
AWS Signature
| Access Key | <your-application-key-id> |
| Secret Key | <your-application-key> |
Bucket Operations
This set of operations allows you to manipulate Backblaze B2 buckets.
There is no limit to the number of files in a bucket, but there is a limit of 100 buckets per account.
Aside from the S3 List Buckets operation, all bucket operations use an endpoint in the following form.
https://s3.<region>.backblazeb2.com/<your-bucket-name>
Was this article helpful?