search
Status
githubEdit

Authentication for S3 Storage

hashtag
Overview

circle-info

If you're using Whereby-hosted storage, you can skip this guide. This only applies to Self-hosted cloud recordings and session transcriptions.

When storing cloud recordings and session transcriptions in S3, the system must authenticate with your S3 bucket to upload and manage objects securely.

We support two authentication methods:

  • Access Key authentication

  • OIDC (OpenID Connect) authentication

Both methods allow access to the same S3 functionality, but they differ in how credentials are managed and how they are configured.

This documentation explains:

  • What each authentication type is and how it works

  • When to use each method

  • How to configure both Access Key and OIDC authentication

hashtag
At a glance

  • Access Key authentication uses long-lived AWS credentials (access key ID and secret access key).

  • OIDC authentication uses short-lived credentials by assuming an IAM role via an OpenID Connect identity provider.

For most production environments, OIDC authentication is recommended.

circle-exclamation

OIDC Authentication is currently in Early Access only. Currently, we only support OIDC authentication with AWS, with hopes to expand this to other providers in the future. If you'd like to discuss early access or suggest alternate providers, please contact us at [email protected]. .

Understanding authentication typeschevron-rightConfigure Access Key Authenticationchevron-rightConfigure OIDC Authenticationchevron-right

Last updated

Was this helpful?