Adding a Signature to Your API Request
You can add the signature to your API request after you calculate it in Calculating a Signature.
You can include the signature either in the HTTP
Authorization header or as a parameter in the query string, but not in both at the same time.
You do not need to do this procedure if you use OSC CLI, AWS CLI, or an SDK for your API request.
Adding the signature to the Authorization header
Before you begin: Complete the Calculating a Signature procedure.
To build the
Authorization header, refer to the following pseudocode:
Authorization: algorithm Credential=access key ID/credential scope, SignedHeaders=SignedHeaders, Signature=signature
Authorization header is created and contains the signature.
Authorization: AWS4-HMAC-SHA256 Credential=ACCESSKEYID/20180915/eu-west-2/ec2/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=8522c3bcf28f7c39dd7667ccf86a8d31718ca04d56d39d48649119d48021f567
Adding the signature to the query string
To build a query string with all the parameters of the request and the calculated signature, refer to the following pseudocode:
querystring = Action=action querystring += &X-Amz-Algorithm=algorithm querystring += &X-Amz-Credential= urlencode(access_key_ID + '/' + credential_scope) querystring += &X-Amz-Date=date querystring += &X-Amz-Expires=timeout interval querystring += &X-Amz-SignedHeaders=signed_headers querystring += &X-Amz-Signature=signature
All the values of the query string, except for the signature, are included in the canonical query string which is part of the canonical request you created in Creating a Canonical Request.
If you create a request in which all the parameters are included in the query string, the resulting URL represents an action that is already authenticated. Therefore, you must treat this URL with as much caution as you would for your actual credentials. We recommend specifying a short expiration time for the request with the
The query string contains all the parameters of the request and the signature.
AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.