The “base-64-encoded-signature” variable
This variable is comprised of a generated signature based on a specific algorithm.
It utilizes the
[version] value specified in the
At present, versions
5 are supported by this API,
and version 5 is preferred. (Version
4 is supported, but not
preferred, and version
deprecated and should not be used.) Please refer to the this Knowledge Base article to verify
Depending on the version in use, the basic structure of the base-64-encoded-signature algorithm is as follows:
- Version 3:
HMAC-MD5([key], [data] + [sign-string])
- Version 4:
HMAC-SHA1([key], [data] + [sign-string])
- Version 5:
HMAC-SHA256([key], [data] + [sign-string])
In this algorithm, the following variable values are applied:
[key]: The internally-generated
Key. This is the value gathered when provisioning access to the API.
[data]: The full contents of the
[sign-string]: The string to sign is equal to the example below.
URL + “\n” + “x-akamai-acs-action:” + X-Akamai-ACS-Action value + “\n”
In the context of the API, the
[sign-string] is formed by using
- The Request Path: This is the first line of the request, without the surrounding method
GET), the protocol, or space character delimiters.
- A single line feed character -
This is represented here with a newline -- “
\n” -- character)
- The string “x-akamai-acs-action:” followed by the value of the X-Akamai-ACS-Action header - Ensure that any preceding and trailing whitespaces are removed.
- A final line feed character:
Again, this is represented by
PUT /[CP Code]/[path]/[file.ext] HTTP/1.1 Host: [Domain Prefix]-nsu.akamaihd.net X-Akamai-ACS-Action: version=1&action=upload&md5=0123456789abcdef01234 56789abcdef&mtime=1260000000
The resulting sign-string would be as follows. (And, “
\n” represents the line feed
character (ASCII code 10.)