HTTP Signature Authentication

HTTP authentication provides a general framework for access control and authentication in web-based applications. HTTP Signature authentication provides a mechanism to digitally sign an HTTP message using either symmetric or asymmetric keys. This helps to verify both the identity of the sender and that the message was not altered during transit. This form of authentication is more secure than HTTP Basic authentication.

Use HTTP Signature Authentication account keys with File Operations and Web Service workflow activities and HTTP Endpoint targets.

Usage

Complete the following steps to create a new HTTP Signature Authentication account key:

  1. In the left navigation menu, click Account Keys.
  2. Click New Account Key.
  3. From the Account Key Type drop-down list, choose HTTP Signature Authentication.
  4. Enter a unique display name for the account key in the Display Name field and a brief description in the Description field.
  5. In the Credentials area, specify the following:
    • Key ID - Enter a valid Key ID.
    • Private Key - Enter the content of the private key or click Browse to choose a key file from your local drive.
    • Passphrase - Enter the passphrase associated with the Private Key. Click the eye icon to display or hide the passphrase.
    • Signature Algorithm - Click the drop-down menu and choose the encryption algorithm associated with the Private Key.
    • Signature Headers - Enter the names of any required authentication headers.
  6. Click Submit.