Hawk allows you to generate a bewit signature for any
GET request. Including
this bewit signature in your request will then authenticate and authorize the
request. All Taskcluster APIs support authentication of
GET requests using
these bewit signatures. And you'll find that the official
offers an API for generating these signatures.
Pre-signed URLs are allow an HTTP client which does not directly support Hawk -- such as a browser or a command-line tool -- to access Taskcluster resources. A common use-case is to provide a link to a private artifact.