I am using IBM's SoftLayer Object Storage which is similar to Amazon's S3.
From my web app, I allow users to upload files. Currently the web app communicates with my RESTful API which then communicates with the SoftLayer Object Storage API. Communication with SoftLayer requires a username and a key -- these are meant to be secret.
Because upload files can be large, I want to to bypass my API and communicate with SoftLayer directly from my web app. I believe this is possible, but the problem is that then I will expose my username and secret key via my application's publicly visible source in JavaScript.
Is there any way around this with SoftLayer?
It seems something like this is possible with S3: