Sign Aspose Cloud API Request URL for authentication


I am trying to work out how to generate the correct signature to sign requests.

I am following the steps on this page: Authenticating API Requests|Documentation

However even using the examples provided does not work.

For example:
The documentation says:

Append App SID to the given URL as query parameter
Use HMAC-SHA1 algorithm to compute the hash of the URL. App Key will be used as a secret cryptographic key.
Use Base64 encoding to convert message authentication code (MAC) from a binary format in an ASCII string format. JgLReiOyORY8BYpCJ32CbCc0UHg=

When I HMAC-SHA1 the URL with the key, I get ‘2017d1e0cf79cb7c758eb80eb0173e81ea63be18’, then Base64 ASCII encoding this gives ‘MjAxN2QxZTBjZjc5Y2I3Yzc1OGViODBlYjAxNzNlODFlYTYzYmUxOA==’ NOT ‘JgLReiOyORY8BYpCJ32CbCc0UHg=’ like in your documentation.

In fact, decoding the Base64 ‘JgLReiOyORY8BYpCJ32CbCc0UHg=’ returns ‘&z#9<B’}l’4Px’ which is not a valid MAC.

Are the keys/app IDs in your documentation correct?


Thank you for contacting Aspose Support. Please tell us in what programming language you are trying to generate the signature. We will share with you Sign module in that particular language so you don’t have to write it yourself.

You may know we have written Cloud SDKs that takes care of low-level details of making requests and handling responses and lets you focus on writing code specific to your particular project.

Please tell us what is your use case and which Aspose APIs you are interested in using so that we can guide you accordingly.


Please note we have launched new API Versions of Aspose Cloud APIs and now newer version only supports Json Web Token(JWT) for URL authentication. However, older versions will continue to support OAuth 2.0 and URL signing methods. But it is recommended to use the latest API Versions, as we are not supporting older versions now and the new versions are better than older versions in terms of memory management and API structure.