Blomp Support Forums

Hello Blomp Support,

I'm integrating Blomp into my open-source file manager (AeroFTP) using the OpenStack Swift API, following your official guide.

Authentication works perfectly, I can obtain a valid token from https://authenticate.blomp.com/v2.0/tokens using auth version 2 with tenant "storage", exactly as documented.

However, the storage endpoint returned in the service catalog (http://swiftproxy.acs.ai.net:8080/v1/AUTH_...) responds with 403 Forbidden to all requests, even with the valid token attached.

Could you help clarify:

Is swiftproxy.acs.ai.net:8080 the correct public endpoint for external API access?
Is there a different storage URL that should be used instead?
Does the free tier require any activation step before API access is available?

Thank you for your time!

Hi there,

Thanks for reaching out and for the detailed explanation, that really helps.

We’ve received your report and our developers are currently looking into the 403 Forbidden issue on the storage endpoint. We’ll review the endpoint configuration and API access behavior to identify what’s causing this.

We’ll follow up with an update as soon as we have more information.

Appreciate your patience in the meantime.

Best regards,
Blomp Support

Hi there,

Thank you for reaching out.

To answer your questions:
1. Is swiftproxy.acs.ai.net:8080 the correct public endpoint for external API access?
Yes, this is the correct endpoint for external API access to Blomp's storage service.

2.Is there a different storage URL that should be used instead?
Depending on the framework you're using, you may need to include the full path, which would look like http://swiftproxy.acs.ai.net:8080/v1/AU ... 2775583f6f, but the platform should typically handle this automatically, and you likely won't need to manually specify it.

3. Does the free tier require any activation step before API access is available?
No, there is no activation required for API access on the free tier. You should be able to start using the API right away.

Additionally, we recommend using the OpenStack CLI with your credentials first to validate the data being sent before fully integrating with the platform. This can help ensure everything is set up correctly.

We’re actively working on improvements to enhance API access, and you should see further progress in the next month as we continue optimizing our systems.

If you continue to face issues with the 403 Forbidden response, please let us know, and we'll further investigate the issue.
Best regards,
Blomp Support

Hi,

Thank you for the quick response and the confirmation about the endpoint.

We've made progress - Keystone v2 authentication is working correctly:

POST https://authenticate.blomp.com/v2.0/tokens
Body: {"auth":{"passwordCredentials":{"username":"...","password":"..."},"tenantName":"storage"}}

Response: 200 OK - token issued successfully.
Storage URL returned: http://swiftproxy.acs.ai.net:8080/v1/AU ... 2775583f6f

However, we get a 403 Forbidden when listing containers using the issued token:

GET http://swiftproxy.acs.ai.net:8080/v1/AU ... ormat=json
Headers:
X-Auth-Token: <token from Keystone response>
Accept: application/json

Response: HTTP 403 Forbidden - "Access was denied to this resource."

So the authentication step works fine, but the storage proxy rejects the token when we try to access the actual storage. Could there be a permissions issue on the proxy side, or is there an additional header required for container listing?

The integration is fully built and ready - Keystone v2 auth, container discovery, file operations - we just need the storage proxy to accept the token.

Happy to run any additional tests if it helps debug the issue on your side.

Best regards,
Ale P.
Dev AeroFTP

========================================

Quick update - we followed your recommendation and tested with the official
OpenStack Swift CLI (python-swiftclient 4.10.0):

swift --os-username "..." --os-password "..." --os-tenant-name "storage" \
--os-auth-url https://authenticate.blomp.com/v2.0 --auth-version 2 list

Result: same 403 Forbidden on container listing.
Transaction ID: tx8c56132e96b045cdaa78f-0069cc59a1

The auth token is issued correctly by Keystone, but the storage proxy at
swiftproxy.acs.ai.net:8080 rejects it. This confirms the issue is on the
proxy side, not in our client implementation.

The Transaction ID above should help you trace the request in your logs.