With SignatureV4, you can produce authenticated HTTP requests to AWS services. Namely, it lets you sign and pre-sign requests to AWS services using the Signature V4 algorithm. The sign operation produces a signed request with authorization information stored in its headers. The presign operation produces a pre-signed request with authorization information stored in its query string parameters.
SignatureV4 is included in both the dedicated jslib signature.js bundle and the aws.js one, containing all the service's clients.
Instantiating a new SignatureV4 requires a single options object argument with the following properties:
Property | Type | Description |
---|---|---|
service | string | the AWS region to sign or pre-sign requests for. As described by Amazon AWS docs |
region | string | the AWS service to sign or pre-sign requests for. As described by Amazon AWS docs] |
credentials | an object with accessKeyId, secretAccessKeyId, and optional sessionToken properties | the AWS credentials to sign or pre-sign requests with. |
uriEscapePath | boolean | Whether to uri-escape the request URI path as part of computing the canonical request string. As of late 2017, this is required for every AWS service except Amazon S3. |
applyChecksum | boolean | Whether to calculate a checksum of the request body and include it as either a request header (when signing) or as a query string parameter (when pre-signing). This is required for AWS Glacier and Amazon S3 and optional for every other AWS service as of late 2017. |
Methods
Method | Description |
---|---|
sign() | Signs an authenticated HTTP request using the AWS signature v4 algorithm |
presign() | Produces an authenticated pre-signed URL using the AWS signature v4 algorithm |
Throws
SignatureV4 methods throw errors on failure.
Error | Condition |
---|---|
InvalidSignatureError | when invalid credentials were provided. |