FAQ

How could I verify my signature signing method is correct?

Please look at the examples in I was able to list my files but unable to download any of them? to verify your signature signing method. For more information, please reference Appendix A - File API Client Signing.

I was able to list my files but unable to download any of them?

One common problem users encounter is that they are able to successfully list files but when requesting any particular file, they receive a 401 Incorrect authentication credentials error. The is often caused by an incorrect signature because the original URI was not lower-case when generating the canonical URI used for signing. The following example illustrates this issue:

# request parameters
uri = 'https://file-api.fillz.com/v1/orders/created/20150101T000000Z-abcdefgh'
request_type = 'GET'
secret_key = 'FAKESECRETKEY'
content = ''
timestamp = '20150917T000000Z'

# incorrect encoded uri generates an incorrect signature
encoded_uri: 'https://file-api.fillz.com/v1/orders/created/20150101T000000Z-abcdefgh'
request_type: 'GET'
content: ''
checksum: ''
timestamp: '20150917T000000Z'
final_string: 'GET\nhttps://file-api.fillz.com/v1/orders/created/20150101T000000Z-abcdefgh\n20150917T000000Z\n'
signature: cbbcd46119f283e0122352bfdff0bba1cf5e421c916fd213cd8a16eac1779b02

# correct encoded uri
encoded_uri: 'https://file-api.fillz.com/v1/orders/created/20150101t000000z-abcdefgh'
request_type: 'GET'
content: ''
checksum: ''
timestamp: '20150917T000000Z'
final_string: 'GET\nhttps://file-api.fillz.com/v1/orders/created/20150101t000000z-abcdefgh\n20150917T000000Z\n'
signature: fa164afd8e041e29e879d7034adbd6235374c9ef195b001ebc2c9a97aabce38e

To resolve the problem, properly apply lower-casing when canonical uri’s are generated. For more information, please reference Appendix A - File API Client Signing.