The “base-64-encoded-signature” variable

This variable is comprised of a generated signature based on a specific algorithm.

It utilizes the [version] value specified in the X-Akamai-ACS-Auth-Data header. At present, versions 3 through 5 are supported by this API, and version 5 is preferred. (Version 4 is supported, but not preferred, and version 3” is deprecated and should not be used.) Please refer to the this Knowledge Base article to verify supported versions:

https://control.akamai.com/portal/kb/kbSearchDetails.jsf?articleId=5782

Depending on the version in use, the basic structure of the base-64-encoded-signature algorithm is as follows:

  • Version 3: HMAC-MD5([key], [data] + [sign-string])
  • Version 4: HMAC-SHA1([key], [data] + [sign-string])
  • Version 5: HMAC-SHA256([key], [data] + [sign-string])

In this algorithm, the following variable values are applied:

  • [key]: The internally-generated Key. This is the value gathered when provisioning access to the API.
  • [data]: The full contents of the X-Akamai-ACS-Auth-Data header.
  • [sign-string]: The string to sign is equal to the example below.
URL + “\n” + “x-akamai-acs-action:” + X-Akamai-ACS-Action value + “\n”

The “sign-string”

In the context of the API, the [sign-string] is formed by using the following:

  • The Request Path: This is the first line of the request, without the surrounding method (PUT or GET), the protocol, or space character delimiters.
  • A single line feed character - This is represented here with a newline -- “ \n ” -- character)
  • The string “x-akamai-acs-action:” followed by the value of the X-Akamai-ACS-Action header - Ensure that any preceding and trailing whitespaces are removed.
  • A final line feed character: Again, this is represented by \n.
For example, the following request is to be sent:
PUT /[CP Code]/[path]/[file.ext] HTTP/1.1
Host: [Domain Prefix]-nsu.akamaihd.net
X-Akamai-ACS-Action: version=1&action=upload&md5=0123456789abcdef01234 56789abcdef&mtime=1260000000

The resulting sign-string would be as follows. (And, “ \n” represents the line feed character (ASCII code 10.)

/[CP Code]/[path]/[file.ext]\nx-akamai-acs-action:version=1&action=upload&md5=0123456789abcdef0123456789abcdef&mtime=1260000000\n
Note: The md5 shown in the example above is not a true representation of a hash of the values provided. It is simply a placeholder included for example purposes, only.