Adding the Signature to the Request Header

Add the signature to the Authorization HTTP header. The Authorization header is used for identity authentication and not included in the SignedHeaders.

The pseudocode is as follows:

Pseudocode for Authorization header creation:
Authorization: algorithm Access=Access key, SignedHeaders=SignedHeaders, Signature=signature

There is no comma but a space before the algorithm and Access. SignedHeaders and Signature must be separated with commas.

The signed headers are as follows:

SDK-HMAC-SHA256 Access=QTWAOYTTINDUT2QVKYUC, SignedHeaders=content-type;host;x-sdk-date, Signature=7be6668032f70418fcc22abc52071e57aff61b84a1d2381bb430d6870f4f6ebe

The signed headers are added to the HTTP request for identity authentication. If the identity authentication is successful, the request is sent to the corresponding cloud service for processing.

The complete request that contains the signature information is as follows:

GET /v1/77b6a44cba5143ab91d13ab9a8ff44fd/vpcs?limit=2&; marker=13551d6b-755d-4757-b956-536f674975c0 HTTP/1.1
Host: service.region.example.com
Content-Type: application/json
x-sdk-date: 20191115T033655Z
Authorization: SDK-HMAC-SHA256 Access=QTWAOYTTINDUT2QVKYUC, SignedHeaders=content-type;host;x-sdk-date, Signature=7be6668032f70418fcc22abc52071e57aff61b84a1d2381bb430d6870f4f6ebe

Example request for calling an API with a curl command:

curl -X GET "https://service.region.example.com/v1/77b6a44cba5143ab91d13ab9a8ff44fd/vpcs?limit=2&marker=13551d6b-755d-4757-b956-536f674975c0" -H "content-type: application/json" -H "X-Sdk-Date: 20191115T033655Z" -H "host: service.region.example.com" -H "Authorization: SDK-HMAC-SHA256 Access=QTWAOYTTINDUT2QVKYUC, SignedHeaders=content-type;host;x-sdk-date, Signature=7be6668032f70418fcc22abc52071e57aff61b84a1d2381bb430d6870f4f6ebe" -d $''