         | Did this page help you? Yes No Tell us about it... |
Example REST Requests
This section shows the steps to sign a request, using sample AWS access identifiers.
If you follow these steps using these identifiers, you will generate the same signature strings in the examples. Although this can help verify your request generation code, you cannot make actual requests with these example requests.
![[Tip]](images/tip.png) | Tip |
|---|---|
If you aren't familiar with REST requests, read Anatomy of a REST Request before continuing with this example. |
The following is an example of an ItemLookup request:
http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId =0679722769&ResponseGroup=ItemAttributes,Offers,Images,Reviews&Ve rsion=2009-01-06
Steps to Sign the Example Request
Enter the timestamp. For this example, we'll use the UTC time
2009-01-01T12:00:00Zhttp://webservices.amazon.com/onca/xml?Service=AWSECommerceServic e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId =0679722769&ResponseGroup=ItemAttributes,Offers,Images,Reviews&Ve rsion=2009-01-06&Timestamp=2009-01-01T12:00:00Z
URL encode the request's comma (,) and colon (:) characters, so that they don't get misinterpreted. For more information about converting to RFC 3986 specifications, see documentation and code samples for your programming language.
http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId =0679722769&ResponseGroup=ItemAttributes%2COffers%2CImages%2CRevi ews&Version=2009-01-06&Timestamp=2009-01-01T12%3A00%3A00Z
![[Important]](images/important.png)
Important Be sure that you do not double-escape any characters.
Split the parameter/value pairs and delete the ampersand characters (&) so that the example looks like the following:
Service=AWSECommerceService AWSAccessKeyId=00000000000000000000 Operation=ItemLookup ItemId=0679722769 ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews Version=2009-01-06 Timestamp=2009-01-01T12%3A00%3A00Z
Sort your parameter/value pairs by byte value (not alphabetically, lowercase parameters will be listed after uppercase ones).
AWSAccessKeyId=00000000000000000000 ItemId=0679722769 Operation=ItemLookup ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews Service=AWSECommerceService Timestamp=2009-01-01T12%3A00%3A00Z Version=2009-01-06
Rejoin the sorted parameter/value list with ampersands. The result is the canonical string that we'll sign:
AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=I temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z& Version=2009-01-06
Prepend the following three lines (with line breaks) before the canonical string:
GET webservices.amazon.com /onca/xml
The string to sign:
GET webservices.amazon.com /onca/xml AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=I temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z& Version=2009-01-06
Calculate an RFC 2104-compliant HMAC with the SHA256 hash algorithm using the string above with our "dummy" Secret Access Key:
1234567890. For more information about this step, see documentation and code samples for your programming language.Nace+U3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg=
URL encode the plus (+) and equal (=) characters in the signature:
Nace%2BU3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg%3D
Add the URL encoded signature to your request and the result is a properly-formatted signed request:
http://webservices.amazon.com/onca/xml?AWSAccessKeyId=00000000000 000000000&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=It emAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceServ ice&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06&Signatu re=Nace%2BU3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg%3D
Examples of Other Signed Requests
The previous section went through a detailed process for signing an ItemLookup request. This section presents examples of unsigned requests, the string to sign generated from them, and the final signed request. These examples can make excellent test cases for your software. All examples use the "dummy" AWS access identifiers used earlier in the Steps to Sign the Example Request.
ItemSearch Examples
The following examples show the ItemSearch request without a signature, with the string to sign, and the signed request.
Original Unsigned Request
http://ecs.amazonaws.co.uk/onca/xml?Service=AWSECommerceService&A WSAccessKeyId=00000000000000000000&Operation=ItemSearch&Actor=Joh nny%20Depp&ResponseGroup=ItemAttributes,Offers,Images,Reviews,Var iations&Version=2009-01-01&SearchIndex=DVD&Sort=salesrank&Associa teTag=mytag-20
String to Sign
GET ecs.amazonaws.co.uk /onca/xml AWSAccessKeyId=00000000000000000000&Actor=Johnny%20Depp&Associate Tag=mytag-20&Operation=ItemSearch&ResponseGroup=ItemAttributes%2C Offers%2CImages%2CReviews%2CVariations&SearchIndex=DVD&Service=AW SECommerceService&Sort=salesrank&Timestamp=2009-01-01T12%3A00%3A0 0Z&Version=2009-01-01
Signed Request
http://ecs.amazonaws.co.uk/onca/xml?AWSAccessKeyId=00000000000000 000000&Actor=Johnny%20Depp&AssociateTag=mytag-20&Operation=ItemSe arch&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews%2CV ariations&SearchIndex=DVD&Service=AWSECommerceService&Signature=T uM6E5L9u%2FuNqOX09ET03BXVmHLVFfJIna5cxXuHxiU%3D&Sort=salesrank&Ti mestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01
CartCreate Examples
The following examples show the CartCreate request without a signature, with the string to sign, and the signed request.
Original Unsigned Request
http://webservices.amazon.com/onca/xml?Service=AWSECommerceService&AWS AccessKeyId=00000000000000000000&Operation=CartCreate&Version=200 9-01-01&Item.1.OfferListingId=j8ejq9wxDfSYWf2OCp6XQGDsVrWhl08GSQ9 m5j%2Be8MS449BN1XGUC3DfU5Zw4nt%2FFBt87cspLow1QXzfvZpvzg%3D%3D&Ite m.1.Quantity=3&AssociateTag=mytag-20
String to Sign
GET webservices.amazon.com /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&Item.1. OfferListingId=j8ejq9wxDfSYWf2OCp6XQGDsVrWhl08GSQ9m5j%2Be8MS449BN 1XGUC3DfU5Zw4nt%2FFBt87cspLow1QXzfvZpvzg%3D%3D&Item.1.Quantity=3& Operation=CartCreate&Service=AWSECommerceService&Timestamp=2009-0 1-01T12%3A00%3A00Z&Version=2009-01-01
Signed Request
http://webservices.amazon.com/onca/xml?AWSAccessKeyId=0000000000000000 0000&AssociateTag=mytag-20&Item.1.OfferListingId=j8ejq9wxDfSYWf2O Cp6XQGDsVrWhl08GSQ9m5j%2Be8MS449BN1XGUC3DfU5Zw4nt%2FFBt87cspLow1Q XzfvZpvzg%3D%3D&Item.1.Quantity=3&Operation=CartCreate&Service=AW SECommerceService&Signature=cF3UtjbJb1%2BxDh387C%2FEmS1BCtS%2FZ01 taykBCGemvUU%3D&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-0 1-01
BrowseNodeLookup Examples
The following examples show the BrowseNodeLookup request without a signature, with the string to sign, and the signed request.
Original Unsigned Request
http://webservices.amazon.com/onca/xml?Service=AWSECommerceService&AWS AccessKeyId=00000000000000000000&Operation=BrowseNodeLookup&Versi on=2009-01-01&BrowseNodeId=465600&AssociateTag=mytag-20&ResponseG roup=BrowseNodeInfo,TopSellers,NewReleases,MostWishedFor,MostGift ed
String to Sign
GET webservices.amazon.com /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&BrowseN odeId=465600&Operation=BrowseNodeLookup&ResponseGroup=BrowseNodeI nfo%2CTopSellers%2CNewReleases%2CMostWishedFor%2CMostGifted&Servi ce=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version =2009-01-01
Signed Request
http://webservices.amazon.com/onca/xml?AWSAccessKeyId=0000000000000000 0000&AssociateTag=mytag-20&BrowseNodeId=465600&Operation=BrowseNo deLookup&ResponseGroup=BrowseNodeInfo%2CTopSellers%2CNewReleases% 2CMostWishedFor%2CMostGifted&Service=AWSECommerceService&Signatur e=kEXxAIqhh6eBhLhrVMz2gt3ocMaH%2FOBVPbjvc9TG8ao%3D&Timestamp=2009 -01-01T12%3A00%3A00Z&Version=2009-01-01
SimilarityLookup Examples
The following examples show the SimilarityLookup request without a signature, with the string to sign, and the signed request.
Original Unsigned Request
http://webservices.amazon.com/onca/xml?Service=AWSECommerceService&AWS AccessKeyId=00000000000000000000&Operation=SimilarityLookup&ItemI d=B0011ZK6PC,B000NK8EWI&Version=2009-01-01&AssociateTag=mytag-20& ResponseGroup=Offers,ItemAttributes&SimilarityType=Intersection&C ondition=New&Merchant=Amazon
String to Sign
GET webservices.amazon.com /onca/xml AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&Conditi on=New&ItemId=B0011ZK6PC%2CB000NK8EWI&Merchant=Amazon&Operation=S imilarityLookup&ResponseGroup=Offers%2CItemAttributes&Service=AWS ECommerceService&SimilarityType=Intersection&Timestamp=2009-01-01 T12%3A00%3A00Z&Version=2009-01-01
Signed Request
http://webservices.amazon.com/onca/xml?AWSAccessKeyId=0000000000000000 0000&AssociateTag=mytag-20&Condition=New&ItemId=B0011ZK6PC%2CB000 NK8EWI&Merchant=Amazon&Operation=SimilarityLookup&ResponseGroup=O ffers%2CItemAttributes&Service=AWSECommerceService&Signature=I2pb qxuS%2FmZK6Apwz0oLBxJn2wDL5n4kFQhgYWgLM7I%3D&SimilarityType=Inter section&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01
