Problem description
The format of the Authorization request header is invalid.
Causes
You initiated a request that uses the V2 signature, but the format of the Authorization header is invalid.
Examples
You initiated a request that uses the V2 signature, but the format of the Authorization header is invalid.
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS2 AccessKeyId:44**07,Signature:n7I**I0=,UnknownKey:ABCThe Authorization header separates the signature version and signature information with a space.
Signature version: Only
OSS2is supported.Signature information: The signature information is displayed in the form of key-value pairs (key:value). Separate key-value pairs with commas (,) and separate keys and values with colons (:).
The key of the signature information includes two required fields (
AccessKeyIdandSignature) and one optional field (AdditionalHeaders). The preceding example contains an invalid key-value pair (UnknownKey:ABC).
Solutions
Make sure that the format of the Authorization header in the request that uses the V2 signature meets the preceding requirements. Example:
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS2 AccessKeyId:44**07,AdditionalHeaders:host,Signature:n7I**I0=References
For more information about how to use Alibaba Cloud SDKs to initiate a request that uses the V2 signature, see Overview.
Use the self-signed mode.
If you want to calculate the V2 signature, see Calculate V2 signature by using OSS SDK for Python.
If you want to specify the signature logic, see Overview.
If the server returns a response that contains the
StringToSignparameter, you can check whether the value of the StringToSign parameter on the server is the same as the string before calculation.