Signing requests
Calculate the Authorization signature for API requests.
Once you have obtained temporary credentials, you will use them to compute the Authorization signature for all additional requests to the API.
Sample temporary credentials
Rightsline utilizes Amazon’s API Gateway and authenticates all calls by leveraging both STS and AWS Signature V4. Instructions for computing the AWS V4 signature can be found here.
Postman
Although you can construct this request by following the instruction contained above from Amazon’s documentation, Rightsline recommends you utilize the instructions at https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-use-postman-to-call-api.html, which will speed up the process quite a bit.
Postman generates the HTTP Request in the required canonical format, including the code for signing a request in various languages:
For your implementation, you will need to generate your Signing Key programmatically (Postman is doing it for you in the background). Instruction for calculating the AWS4-HMAC-SHA256 signature can be found here: https://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html There are also great examples of how to generate the signature in various programming languages located here: https://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html
HTTP request example
HTTP Request Method (GET, POST, PUT, etc.) + Canonical URI + HTTP Protocol (HTTP/1.1)
Div API Key; unique to each Rightsline environment
Requested host URL, which will change depending on the API environment ris[-staging, -int, -pm].rightsline.com
Date/Time of the request in Amazon’s required format YYYYMMDD’T’HHMMSS’Z’ (https://docs.aws.amazon.com/general/latest/gr/sigv4-date-handling.html)
Authorization Header with calculated Signing Key. (https://docs.aws.amazon.com/general/latest/gr/sigv4-create-string-to-sign.html)
Last updated
Was this helpful?