In this section we introduce you to the features of signatures v15 and what you need to consider when upgrading from v6 to this version.
To be able to make requests with v15 of the signing, you must add a special version header.
Example
upvest-signature-version: 15In v15 of signing, the component digest has been deprecated and replaced by the component content-digest.
Follow these steps to calculate content-digest:
Capture the entire byte stream of the request body.
Calculate the SHA-512 hash of the body content.
Encode the resulting value using Base64 encoding.
Add a request header named content-digest with the following value: sha-512=:{digest value}:, where {digest value} is replaced by the result of the previous step. Please note that {digest value} is enclosed in colons (:).
Example
| Request body | Content length | content-digest header value |
|---|---|---|
| {"hello": "world"} | 18 | "sha-512=:WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX+TaPm+AbwAgBWnrIiYllu7BNNyealdVLvRwEmTHWXvJwew==: |
| {"key": "value"} | 16 | sha-512=:Hd9/AvGZkbjitW1+Ml8Fg1ux1mtcDYe6mLQjDyoowIWa3LM/PmwN2v9O+MjtQGrCA3EQWUL54dlgxKHyYbrucw==: |
In v15 of signing, signature components keys should be quoted in the signature base string:
Example for V15
"@method": POST
"@path": /endpoint
"@query": ?a=b
"accept": application/json
"authorization": Bearer access-token
"content-length": 16
"content-type": application/json
"content-digest": sha-512=:Hd9/AvGZkbjitW1+Ml8Fg1ux1mtcDYe6mLQjDyoowIWa3LM/PmwN2v9O+MjtQGrCA3EQWUL54dlgxKHyYbrucw==:
"idempotency-key": 2133825797664cad
"upvest-client-id": 5ec16164-6173-461d-b90d-116d68f55b40In the tutorial 'Implementing HTTP signatures v15' you can find the detailed description.