 | Documentation Feedback |  |
In this section we'll walk you through the steps to sign a request. We'll use "dummy" AWS access identifiers that you can use as well. If you follow along these steps using these same identifiers, you will generate the same signature string that this example shows. This will help you to verify that your own code works correctly. After this detailed example, we'll also show you more streamlined examples for other requests.
![[Tip]](images/tip.png) | Tip |
|---|---|
If you aren't familiar with REST requests, read Anatomy of a REST Request before continuing with this example. |
For the detailed example we'll use a typical ItemLookup request:
http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId =0679722769&ResponseGroup=ItemAttributes,Offers,Images,Reviews&Ve rsion=2009-01-06
Steps to Sign the Example Request
Enter the timestamp. For this example, we'll use GMT time of 2009-01-01T12:00:00Z
http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId =0679722769&ResponseGroup=ItemAttributes,Offers,Images,Reviews&Ve rsion=2009-01-06&Timestamp=2009-01-01T12:00:00Z
URL encode the request's comma (,) and colon (;) characters, so that they don't get misinterpreted. For more information about converting to RFC 3986 specifications, see documentation and code samples for your programming language.
http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId =0679722769&ResponseGroup=ItemAttributes%2COffers%2CImages%2CRevi ews&Version=2009-01-06&Timestamp=2009-01-01T12%3A00%3A00Z
![[Important]](images/important.png) | Important |
|---|---|
Be sure that you do not double-escape any characters. |
Split the parameter/value pairs and delete the ampersand characters (&) so that the example looks like the following:
Service=AWSECommerceService AWSAccessKeyId=00000000000000000000 Operation=ItemLookup ItemId=0679722769 ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews Version=2009-01-06 Timestamp=2009-01-01T12%3A00%3A00Z
Sort your parameter/value pairs by byte value (not alphabetically, lowercase parameters will be listed after uppercase ones).
AWSAccessKeyId=00000000000000000000 ItemId=0679722769 Operation=ItemLookup ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews Service=AWSECommerceService Timestamp=2009-01-01T12%3A00%3A00Z Version=2009-01-06
Rejoin the sorted parameter/value list with ampersands. The result is the canonical string that we'll sign:
AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=I temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z& Version=2009-01-06
Prepend the following three lines (with line breaks) before the canonical string:
GET webservices.amazon.com /onca/xml
The string to sign:
GET webservices.amazon.com /onca/xml AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=I temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z& Version=2009-01-06
Calculate an RFC 2104-compliant HMAC with the SHA256 hash algorithm using the string above
with our "dummy" Secret Access Key: 1234567890. For more information about this step, see documentation and code samples for your programming language.
Nace+U3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg=
URL encode the plus (+) and equal (=) characters in the signature:
Nace%2BU3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg%3D
Add the URL encoded signature to your request and the result is a properly-formatted signed request:
http://webservices.amazon.com/onca/xml?AWSAccessKeyId=00000000000 000000000&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=It emAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceServ ice&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06&Signatu re=Nace%2BU3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg%3D
The previous section went through a detailed process for signing an ItemLookup request. This section presents examples of unsigned requests, the string to sign generated from them, and the final signed request. These examples can make excellent test cases for your software. All examples use the "dummy" AWS access identifiers used earlier in the Steps to Sign the Example Request.
The following examples show the ItemSearch request without a signature, with the string to sign, and the signed request.
http://ecs.amazonaws.co.uk/onca/xml?Service=AWSECommerceService&A WSAccessKeyId=00000000000000000000&Operation=ItemSearch&Actor=Joh nny%20Depp&ResponseGroup=ItemAttributes,Offers,Images,Reviews,Var iations&Version=2009-01-01&SearchIndex=DVD&Sort=salesrank&Associa teTag=mytag-20
GET ecs.amazonaws.co.uk /onca/xml AWSAccessKeyId=00000000000000000000&Actor=Johnny%20Depp&Associate Tag=mytag-20&Operation=ItemSearch&ResponseGroup=ItemAttributes%2C Offers%2CImages%2CReviews%2CVariations&SearchIndex=DVD&Service=AW SECommerceService&Sort=salesrank&Timestamp=2009-01-01T12%3A00%3A0 0Z&Version=2009-01-01
http://ecs.amazonaws.co.uk/onca/xml?AWSAccessKeyId=00000000000000 000000&Actor=Johnny%20Depp&AssociateTag=mytag-20&Operation=ItemSe arch&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews%2CV ariations&SearchIndex=DVD&Service=AWSECommerceService&Signature=T uM6E5L9u%2FuNqOX09ET03BXVmHLVFfJIna5cxXuHxiU%3D&Sort=salesrank&Ti mestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01
The following examples show the CartCreate request without a signature, with the string to sign, and the signed request.
http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS AccessKeyId=00000000000000000000&Operation=CartCreate&Version=200 9-01-01&Item.1.OfferListingId=j8ejq9wxDfSYWf2OCp6XQGDsVrWhl08GSQ9 m5j%2Be8MS449BN1XGUC3DfU5Zw4nt%2FFBt87cspLow1QXzfvZpvzg%3D%3D&Ite m.1.Quantity=3&AssociateTag=mytag-20
GET ecs.amazonaws.com /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&Item.1. OfferListingId=j8ejq9wxDfSYWf2OCp6XQGDsVrWhl08GSQ9m5j%2Be8MS449BN 1XGUC3DfU5Zw4nt%2FFBt87cspLow1QXzfvZpvzg%3D%3D&Item.1.Quantity=3& Operation=CartCreate&Service=AWSECommerceService&Timestamp=2009-0 1-01T12%3A00%3A00Z&Version=2009-01-01
http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000 0000&AssociateTag=mytag-20&Item.1.OfferListingId=j8ejq9wxDfSYWf2O Cp6XQGDsVrWhl08GSQ9m5j%2Be8MS449BN1XGUC3DfU5Zw4nt%2FFBt87cspLow1Q XzfvZpvzg%3D%3D&Item.1.Quantity=3&Operation=CartCreate&Service=AW SECommerceService&Signature=cF3UtjbJb1%2BxDh387C%2FEmS1BCtS%2FZ01 taykBCGemvUU%3D&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-0 1-01
The following examples show the ListSearch request without a signature, with the string to sign, and the signed request.
http://ecs.amazonaws.jp/onca/xml?Service=AWSECommerceService&AWSA ccessKeyId=00000000000000000000&Operation=ListSearch&Version=2009 -01-01&ListType=WishList&Name=wu&AssociateTag=mytag-20
GET ecs.amazonaws.jp /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&ListTyp e=WishList&Name=wu&Operation=ListSearch&Service=AWSECommerceServi ce&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01
http://ecs.amazonaws.jp/onca/xml?AWSAccessKeyId=00000000000000000 000&AssociateTag=mytag-20&ListType=WishList&Name=wu&Operation=Lis tSearch&Service=AWSECommerceService&Signature=aMFgBNKPrz9PRR9Ato7 yanlaG%2FPkQsNxIWYbLD1V9Zc%3D&Timestamp=2009-01-01T12%3A00%3A00Z& Version=2009-01-01
The following examples show the ListLookup request without a signature, with the string to sign, and the signed request.
http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS AccessKeyId=00000000000000000000&Operation=ListLookup&Version=200 9-01-01&ListId=34AN6HPUN5AMX&AssociateTag=mytag-20&ListType=WishL ist&ResponseGroup=ListItems,Offers,Images
GET ecs.amazonaws.com /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&ListId= 34AN6HPUN5AMX&ListType=WishList&Operation=ListLookup&ResponseGrou p=ListItems%2COffers%2CImages&Service=AWSECommerceService&Timesta mp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01
http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000 0000&AssociateTag=mytag-20&ListId=34AN6HPUN5AMX&ListType=WishList &Operation=ListLookup&ResponseGroup=ListItems%2COffers%2CImages&S ervice=AWSECommerceService&Signature=H5u4W10g0vmyB1KA6hmkrea36AFv SryL9SQfPejvWNs%3D&Timestamp=2009-01-01T12%3A00%3A00Z&Version=200 9-01-01
The following examples show the BrowseNodeLookup request without a signature, with the string to sign, and the signed request.
http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS AccessKeyId=00000000000000000000&Operation=BrowseNodeLookup&Versi on=2009-01-01&BrowseNodeId=465600&AssociateTag=mytag-20&ResponseG roup=BrowseNodeInfo,TopSellers,NewReleases,MostWishedFor,MostGift ed
GET ecs.amazonaws.com /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&BrowseN odeId=465600&Operation=BrowseNodeLookup&ResponseGroup=BrowseNodeI nfo%2CTopSellers%2CNewReleases%2CMostWishedFor%2CMostGifted&Servi ce=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version =2009-01-01
http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000 0000&AssociateTag=mytag-20&BrowseNodeId=465600&Operation=BrowseNo deLookup&ResponseGroup=BrowseNodeInfo%2CTopSellers%2CNewReleases% 2CMostWishedFor%2CMostGifted&Service=AWSECommerceService&Signatur e=kEXxAIqhh6eBhLhrVMz2gt3ocMaH%2FOBVPbjvc9TG8ao%3D&Timestamp=2009 -01-01T12%3A00%3A00Z&Version=2009-01-01
The following examples show the SimilarityLookup request without a signature, with the string to sign, and the signed request.
http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS AccessKeyId=00000000000000000000&Operation=SimilarityLookup&ItemI d=B0011ZK6PC,B000NK8EWI&Version=2009-01-01&AssociateTag=mytag-20& ResponseGroup=Offers,ItemAttributes&SimilarityType=Intersection&C ondition=New&Merchant=Amazon
GET ecs.amazonaws.com /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&Conditi on=New&ItemId=B0011ZK6PC%2CB000NK8EWI&Merchant=Amazon&Operation=S imilarityLookup&ResponseGroup=Offers%2CItemAttributes&Service=AWS ECommerceService&SimilarityType=Intersection&Timestamp=2009-01-01 T12%3A00%3A00Z&Version=2009-01-01
http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000 0000&AssociateTag=mytag-20&Condition=New&ItemId=B0011ZK6PC%2CB000 NK8EWI&Merchant=Amazon&Operation=SimilarityLookup&ResponseGroup=O ffers%2CItemAttributes&Service=AWSECommerceService&Signature=I2pb qxuS%2FmZK6Apwz0oLBxJn2wDL5n4kFQhgYWgLM7I%3D&SimilarityType=Inter section&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01
