On This Page
REST API
Constructing Messages Using HTTP Signature Security
HTTP signatures use a digital signature to enable the receiver to validate the sender's
authenticity and ensure that the message was not tampered with during transit. For more
information on HTTP signatures, see the IETF Draft that is maintained by the IETF HTTP
Working Group (https://httpwg.org).
Follow these steps to implement HTTP signatures:
- Create the shared secret key pair. See Creating a Shared Secret Key Pair.
- Generate a hash of the message body. See Generating a Hash of the Message Body.
- Generate a signature hash. See Generating the Signature Hash.
- Populate thesignatureheader field. See Updating Header Fields.