The request signature we calculated does not match the signature you provided Postman
SignatureDoesNotMatch - The request signature we calculated does not match the signature you provided. Check your key and signing method. from aws I found an encodian connector called "Create HMAC" reference . Which I believe might help solve the issue with signature, from the AWS documentation here it seems that I need to do 4 HMAC calculations but I cannot figure out which part keep getting wrong. Here is a part of my flow if it helps: I keep getting this error from the STS HTTP request which I understand as I'm doing some wrong regarding the signature. The Signature Version 4 (SigV4) signed request to Amazon API Gateway failed with a 403 response and an error similar to the following: "The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method." How can I troubleshoot this? Short descriptionAPI Gateway API endpoints using might return 403 errors if:
ResolutionMake sure that the API request using IAM authentication is signed with SigV4. If the API request isn't signed, then you might receive the following error: “Missing Authentication Token” IAM credentialsVerify that the authentication credentials for the access key and secret key are correct. If the access key is incorrect, then you might receive the following error: "The security token included in the request is invalid." Make sure that the IAM entity used to sign the request has permissions. If the IAM entity doesn't have execute-api:Invoke permissions, then you might receive the following error: "User: arn:aws:iam::xxxxxxxxxxxx:user/username is not authorized to perform: execute-api:Invoke on resource" Signature mismatchIf the secret access key is incorrect, then you might receive the following error: "The request signature we calculated does not match the signature you provided." The secret access key must match the access key ID in the Credential parameter. For instructions, follow the Send a request to test the authentication settings section in How do I activate IAM authentication for API Gateway REST APIs? Make sure that you followed the instructions for the SigV4 signing process. If any values in the signature calculation are incorrect, then you might receive the following error: "The request signature we calculated does not match the signature you provided." When API Gateway receives a signed request, it recalculates the signature. If there are differences in the values, then API Gateway gets a different signature. Compare the canonical request and string to your signed request with the value in the error message. Modify the signing process if there are any differences. Example canonical request:
Example canonical error response:
Note: For API gateway headers, only the host and x-amz-date headers are required.
If the credential key is missing or incorrect, you might receive the following error: “Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter." Make sure that the SigV4 authorization request also includes the request date using either HTTP Date or the x-amz-date header. |