Part 3: Both headers in an example request

With both headers established, an example call incorporating them might look like the example that follows. (This call uses the upload action, along with its required and optional action header fields.)

PUT /123456/files_baseball/sweep.m4a HTTP/1.1
Host: example-nsu.akamaihd.net
X-Akamai-ACS-Action: version=1&action=upload&md5=0123456789abcdef0123456789abcdef&mtime=1260000000
X-Akamai-ACS-Auth-Data: 5, 0.0.0.0, 0.0.0.0, 1280000000, 382644692, UploadAccountMedia ← [signature header 1]
X-Akamai-ACS-Auth-Sign:yh1MXm/rv7RKZhfKlTuSUBV69Acph5IyOWCU0/nFjms= ← [signature header 2]

[PUT body]

When the NetStorage server receives a request, it can use the information in the request to verify the following:

  • Ensure that both of the above-specified headers exist. (The ← [signature header #] content is just for labeling purposes, and is not included.)
  • Ensure that the version given in the X-Akamai-ACS-Auth-Data header is a supported version.
  • Ensure that the [Key]" given corresponds to the [Key-name] in the X-Akamai-ACS-Auth-Data header.
  • Ensure that the [time] given in X-Akamai-ACS-Auth-Data header is within +/- 30 seconds of the current time.
  • Ensure that the signature matches both the given X-Akamai-ACS-Auth-Data header, and the “ [sign-string] in the X-Akamai-ACS-Auth-Sign header
  • The NetStorage Server may check that the given X-Akamai-ACS-Auth-Data header has not been used before.

If any of the above steps fail, the recipient server should reject the request.

Note: Your Account Representative can provide sample code to assist in implementing these steps.