LoginSign Up

Forum

API Gateway Authentication Signature Not Valid

0 votes

I'm trying to add an authetication policy to my API, I have created a test API called HelloWorld, i have created an IAM and an authetication policy of type Key.

 

I am testing in the "Test API and View Specs" section, i am generating the signature and timeStamp on my machine using this code: https://github.com/shephertz/App42_APIGatewayUtillity

 

I am calling the signature function like this: generateSignature(apiName, apiVersion, apiKey, secretKey, body); using the following initialization:

String apiName = "HelloWorld";//"LigaEndesa";

String apiVersion = "1.0";

String apiKey = IAM_KEY;

String secretKey = IAM_SECRET_KEY;
String body = "hello";
 
I think all is correct, but when i do the request it says "Signature Not Valid".
What is the error??
 
Thanks!
asked Oct 8, 2016 in App42 API Gateway by alberto__segura (10 points)

1 Answer

0 votes

Hi Alberto,

To use the signature validation on your APIs , please make sure you are following the correct path as given below:

 

1.  Signature & Timestamp Validation is only for POST requests.

2. Make sure you have you have attached the API operation to the IAM in IAM Mappings.

3. Make sure you have attached the API operation to Auth Policy in API Settings.

4.  Initialize the variables as shown below.

 String apiName = "HelloWorld";   // This is your Operation Name (not api name).

 String version = "1.0";  // project version
 
 String body = "{\"singer\": \"Metallica\",\"title\": \"Enter Sandman\"}";  // exact Body 
 
 String signature = generateSignature(apiName,version,IAM_Key,IAM_Secret_KEY,body);
 
 System.out.println("Signature: "+signature);
 
4. When Requesting from test api and view specs , please make sure you are passing the body same as you have passed while generating the signature.
 
5. The signature and timestamp generated will be valid for the mentioned timestamp period which you have given in the auth policy.
 
Follow these steps and all will be good.
 
Please let us know if you are still facing any issues. We ll be happy to  help you.
 
Thanks & Regards,
 
Ashutosh
answered Oct 10, 2016 by AshutoshYShepHertz (10 points)
Download Widgets
Welcome to ShepHertz Product line forum, where you can ask questions and receive answers from the community. You can also reach out to us on support@shephertz.com
...