Problem description
The signature format is invalid. OSS rejects the request because the Signature field in the Authorization header is missing.
Causes
The Authorization header ends with a colon but has no signature value after it. OSS requires a non-empty Signature to authenticate the request.
Examples
The following request triggers this error. The Authorization header ends with a colon and has no signature:
GET /test.txt HTTP/1.0
Date: Tue, 20 Dec 2022 08:48:18 GMT
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Authorization: OSS qn6qrrqxo2oawuk53otfjbyc:Solutions
Compute the Signature value and include it in the Authorization header.
The Authorization header must follow this format:
Authorization = "OSS " + AccessKeyId + ":" + SignatureTo compute Signature, use the following formula:
Signature = base64(hmac-sha1(AccessKeySecret,
VERB + "\n"
+ Content-MD5 + "\n"
+ Content-Type + "\n"
+ Date + "\n"
+ CanonicalizedOSSHeaders
+ CanonicalizedResource))| Variable | Description |
|---|---|
AccessKeySecret | Your AccessKey secret, used as the HMAC-SHA1 signing key |
VERB | The HTTP method of the request (for example, GET, PUT) |
Content-MD5 | The MD5 hash of the request body; leave blank if there is no body |
Content-Type | The MIME type of the request body; leave blank if there is no body |
Date | The request date in RFC 1123 format (for example, Tue, 20 Dec 2022 08:48:18 GMT) |
CanonicalizedOSSHeaders | Canonical form of OSS-specific x-oss-* headers |
CanonicalizedResource | The canonicalized path to the OSS resource |
For the full signing specification, see Include signatures in the Authorization header.
To avoid computing signatures manually, use an Alibaba Cloud SDK. SDKs generate and attach the Authorization header automatically. See Overview.