Problem description
The Credential parameter in the Authorization header is invalid.
Causes
The request uses the V4 signature (OSS4-HMAC-SHA256), but the Credential parameter in the Authorization header does not follow the required format.
Examples
The following request contains an invalid Credential parameter:
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS4-HMAC-SHA256 Credential=AK**ID/20221220/us-east-1/oss/abc,Signature=18**0a
x-oss-content-sha256: UNSIGNED-PAYLOADThe Credential value ends with /abc. The required terminating string is /aliyun_v4_request.
Solutions
Make sure the Credential parameter follows this exact format:
<AccessKeyId>/<SignDate>/<Region>/oss/aliyun_v4_request| Field | Description | Example |
|---|---|---|
<AccessKeyId> | Your AccessKey ID | AK**ID |
<SignDate> | The signing date in YYYYMMDD format | 20221220 |
<Region> | The OSS region ID where the request is sent | us-east-1 |
oss | Fixed string identifying the service | oss |
aliyun_v4_request | Fixed terminating string required by OSS V4 signature | aliyun_v4_request |
A valid Credential value looks like:
AK**ID/20221220/us-east-1/oss/aliyun_v4_requestCompare your Credential value against this structure field by field to identify the discrepancy.
If you use OSS SDKs to send requests, the SDK handles V4 signature construction automatically. Use OSS SDKs unless you have a specific reason to build requests manually. For more information, see Overview.