Problem description
The X-Amz-Credential request parameter is missing.
Causes
The request uses Amazon S3-compatible Signature Version 4 (SigV4) authentication, but the X-Amz-Credential parameter is absent from the URL.
Examples
The following request is missing X-Amz-Credential:
GET /test.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20221220T084818Z&X-Amz-Expires=86400&X-Amz-SignedHeaders=host&X-Amz-Signature=ab2s******************** HTTP/1.0
Date: Tue, 20 Dec 2022 08:48:18 GMT
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
x-oss-s3-compat: trueSolutions
Add the missing X-Amz-Credential parameter to the URL query string. The parameter must follow this format:
<YOUR-ACCESS-KEY-ID>/YYYYMMDD/REGION/SERVICE/aws4_requestWhere:
<YOUR-ACCESS-KEY-ID>: your Alibaba Cloud access key IDYYYYMMDD: the date the request is signed, for example,20221220REGION: the OSS region, for example,us-east-1SERVICE: the service identifier, for example,s3aws4_request: the fixed terminator string
The following shows a correctly formed request with X-Amz-Credential included:
GET /test.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=LTAI****************/20221220/us-east-1/s3/aws4_request&X-Amz-Date=20221220T084818Z&X-Amz-Expires=86400&X-Amz-SignedHeaders=host&X-Amz-Signature=ab2s******************** HTTP/1.0
Date: Tue, 20 Dec 2022 08:48:18 GMT
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
x-oss-s3-compat: trueTo avoid manually constructing presigned URLs and reduce the risk of parameter errors, use an Amazon S3 SDK to generate them. For details, see Use Amazon S3 SDKs to access OSS.