Prev Next
Welcome » Simple Pay FPS Actions API Reference » Flexible Payments Service Actions Available with Amazon Simple Pay » VerifySignature

VerifySignature

Description

VerifySignature enables you to verify the signature included with outbound notifications. A correctly formatted call using VerifySignature returns a positive result when the signature is valid for the response that contained it.

This action is a component of signature version 2. Because of this, you may only use it with responses which have a SignatureVersion value of 2. To use signature version 2, you must select that option on your Developer and Seller Preferences page. For more information, see Configuring Default Button Values.

[Note]Note

Because this action's purpose is simply to verify that a signature is valid and was generated by Amazon Payments, you do not need a developer account to invoke it from your code. Further, the request requires no signature.

Request Parameters

ParameterDescription

Required

UrlEndPoint

A required field that contains the appropriate originating endpoint (either the returnUrl or ipnUrl) that received the response. For example, if your web application resides at http://my-app-website.biz/, the returnUrl might be http://my-app-website.biz/amazon/success.php, and the IPNUrl might be http://my-app-website.biz/amazon/ipnProcessor.php.

Type: String

Default: None

Constraint: Cannot be null or empty

Yes

HttpParameters

Concatenated string of all URL-Encoded parameters which were included in the response containing the signature you want to verify. This includes the certificateUrl, signatureVersion, signatureMethod and signature parameters.

For example, a correctly formatted and URL-encoded string resembles the following:

First%20Name=Joe&Last%20Name=Smith&signatureVersion=2
&signatureMethod=HMACSHA256&certificateUrl=https%253A
%252F%252Ffps.amazonaws.com%252Fcert%252Fkey.pem&signatur
e=aoeuAOE123eAUdhf]
[Tip]Tip

For validating the returnUrl, you can extract the query string from the returnUrl (excluding the '?' character). For validating the IPNUrl, concatenate the POST parameters.

Type: String

Default: None

Constraint: Cannot be null or empty. In addition, because VerifySignature is a component of signature version 2, the value for signatureVersion must be 2.

Yes

You must also use the Action parameter as described in Common Request Parameters. Parameter names are case sensitive.

Response Elements

ElementDescription

VerificationStatus

The result of the verification, either Success or Failure.

Type: VerificationStatus

Responses also include elements common to all responses. For more information, see Common Response Elements.

Errors

This action can return the following errors:

Examples

Sample REST Request

This section shows a sample request.

https://fps.sandbox.amazonaws.com/?Action=VerifySignature&UrlEndPoint=h
ttp%3A%2F%2Fvamsik.desktop.amazon.com%3A8080%2Fipn.jsp&HttpParameters=e
xpiry%3D08%252F2015%26signature%3DynDukZ9%252FG77uSJVb5YM0cadwHVwYKPMKO
O3PNvgADbv6VtymgBxeOWEhED6KGHsGSvSJnMWDN%252FZl639AkRe9Ry%252F7zmn9CmiM
%252FZkp1XtshERGTqi2YL10GwQpaH17MQqOX3u1cW4LlyFoLy4celUFBPq1WM2ZJnaNZRJ
IEY%252FvpeVnCVK8VIPdY3HMxPAkNi5zeF2BbqH%252BL2vAWef6vfHkNcJPlOuOl6jP4E
%252B58F24ni%252B9ek%252FQH18O4kw%252FUJ7ZfKwjCCI13%252BcFybpofcKqddq8C
uUJj5Ii7Pdw1fje7ktzHeeNhF0r9siWcYmd4JaxTP3NmLJdHFRq2T%252FgsF3vK9m3gw%2
53D%253D%26signatureVersion%3D2%26signatureMethod%3DRSA-SHA1%26certific
ateUrl%3Dhttps%253A%252F%252Ffps.sandbox.amazonaws.com%252Fcerts%252F09
0909%252FPKICert.pem%26tokenID%3DA5BB3HUNAZFJ5CRXIPH72LIODZUNAUZIVP7UB7
4QNFQDSQ9MN4HPIKISQZWPLJXF%26status%3DSC%26callerReference%3DcallerRefe
renceMultiUse1&AWSAccessKeyId=AKIAJGC2KB2QP7MVBLYQ&Timestamp=2010-02-26
T19%3A48%3A05.000Z&Version=2008-09-17&SignatureVersion=2&SignatureMetho
d=HmacSHA256&Signature=fKRGL42K7nduDA47g6bJCyUyF5ZvkBotXE5jVcgyHvE%3D

Sample Response to REST Request

This section shows a sample REST response.

<VerifySignatureResponse xmlns="http://fps.amazonaws.com/doc/2008-09-17/">
  <VerifySignatureResult>
    <VerificationStatus>Success</VerificationStatus>
  </VerifySignatureResult>
  <ResponseMetadata>
    <RequestId>197e2085-1ed7-47a2-93d8-d76b452acc74:0</RequestId>
  </ResponseMetadata>
</VerifySignatureResponse>
Prev Copyright Information Next
 Home