I have looked all through the SoftLayer API documentation, but I cannot find any reference to how one manages which portal users may access the Object Storage authentication endpoints to get the access token.
if you wish an user have access to the object storage you have to grant the following permissions:
"Manage CDN Account", "Manage CDN File Transfer" and "Manage Storage"
Remove the permissions above in order to not let your user to access the object storage
see:
http://knowledgelayer.softlayer.com/faq/can-user-have-cdn-and-storagelayer-permissions-granted-be-prohibited-accessing-object-storage http://knowledgelayer.softlayer.com/faq/can-sub-user-access-object-storage http://knowledgelayer.softlayer.com/procedure/manage-object-storage-user
using API you can set the permissions using these methods:
http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/addBulkPortalPermission http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/removeBulkPortalPermission
here an example: https://gist.github.com/underscorephil/7583408