Problem description
The AccessKeyId field of the Credential field in the Authorization request header is invalid.
Causes
The request uses V4 signature (OSS4-HMAC-SHA256), but the AccessKeyId value in the Credential field contains invalid characters.
Examples
The following request includes a \r (carriage return) character at the start of AccessKeyId, making it invalid:
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS4-HMAC-SHA256 Credential=\rLTAI****************/20221220/us-east-1/oss/aliyun_v4_request,Signature=18**0a
x-oss-content-sha256: UNSIGNED-PAYLOADThe \r before LTAI**************** is the invalid character causing this error.
Solutions
Make sure the AccessKeyId in the Credential field contains no invalid characters. The Credential field must follow this format:
<AccessKeyId>/<date>/<region>/oss/aliyun_v4_requestTo avoid manually constructing the Authorization header, use Alibaba Cloud SDKs.