I have looked all through the SoftLayer API documentation, but I cannot find any reference to how one manages which portal users may access the Object Storage authentication endpoints to get the access token.

if you wish an user have access to the object storage you have to grant the following permissions:

"Manage CDN Account", "Manage CDN File Transfer" and "Manage Storage"

Remove the permissions above in order to not let your user to access the object storage

see:

http://knowledgelayer.softlayer.com/faq/can-user-have-cdn-and-storagelayer-permissions-granted-be-prohibited-accessing-object-storage http://knowledgelayer.softlayer.com/faq/can-sub-user-access-object-storage http://knowledgelayer.softlayer.com/procedure/manage-object-storage-user

using API you can set the permissions using these methods:

http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/addBulkPortalPermission http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/removeBulkPortalPermission

here an example: https://gist.github.com/underscorephil/7583408

It seems to be similar to this question:

Softlayer Object Storage Auth Endpoint

References:

Managing SoftLayer Object Storage Through REST APIs