All Products
Search

This Product

    :When using the OSS API or SDK, an error related to the "SignatureDoesNotMatch" signature is reported

    Document Center

    :When using the OSS API or SDK, an error related to the "SignatureDoesNotMatch" signature is reported

    Last Updated:Mar 29, 2022

    Problem description

    When you use OSS APIs or SDKs, a "SignatureDoesNotMatch" signature-related error is displayed.

    SignatureDoesNotMatch: The request signature we calculated does not match the signature you provided. Check your key and signing method

    Cause

    When using the OSS API or SDK, the client needs to carry the signature information with the OSS server for verification. If the signature calculated by the client is inconsistent with the signature calculated by the OSS server, the request does not pass the verification.

    Solutions

    Check the AK and SK accuracy

    1. You can use the ossbrowser tool to check whether your AK and SK are correct. For more information about how to use the ossbrowser tool, see Quickly use ossbrowser.
    2. If ossbrowser is used, the AccessKey pair and SK are incorrect. For more information, see Create an AccessKey pair to create a new AccessKey pair and SK.

    Check the accuracy of endpoint information

    You must check whether your endpoints are correct. Buckets in different regions correspond to different endpoints. For more information, see Access domain names and data centers. The format of the endpoint information is endpoint = "http://oss-cn-beijing.aliyuncs.com". The two request methods for OSS resources are as follows:

    • If you request OSS resources in the form of URLs, the OSS URL composition is as follows. 
      [$Schema]://[$Bucket].[$Endpoint]/[$Object]
      Note:
      • [$Schema]:HTTP or HTTPS.
      • [$Bucket]: the name of the OSS bucket.
      • [$End point]: For more information about the endpoints of each region, see Access domain names and data centers.
      • [$Object] : the access path of the object uploaded to OSS.
    • If you request OSS resources in the form of SDKs, as follows: 
      String accessKeyId = "XXX";
      String accessKeySecret = "XXX";
      String endpoint = "oss-cn-XXX.aliyuncs.com";
      OSSClient client = new OSSClient(endpoint, accessKeyId, accessKeySecret);


    Check the SDK version

    The problem of "SignatureDoesNotMatch" may occur when using some old versions of SDK. If you are using the old version of SDK, please use the latest SDK version. The corresponding SDK link on the official website has the latest version information. For more information about obtaining the address, see Object Storage Service (OSS) provided mainstream language SDK.

    Check the API you constructed

    If the signature is your own API, we recommend that you use the SDK provided by OSS. For more information, see Authorize access. Alternatively, you can check the algorithm logic used to calculate the signature. For more information about how to construct the signature algorithm, see Include signatures in headers.

    Applicable scope

    • OSS