For security purposes, Amazon Fulfillment Web Service uses your AWS credentials and an HMAC-SHA1 signature in the top of each Query request. Specifically, you need to include the following required elements in each request:
AWSAccessKeyId: Your AWS Access Key ID
Timestamp: This must be a
dateTime in the Coordinated Universal Time (Greenwich Mean Time) time zone, such as 2005-01-31T23:59:59:183Z (for more information, see About the Time Stamp). The request expires 15 minutes after the time stamp.
Due to different interpretations regarding how extra time precision should be dropped, .NET users should take care not to send overly specific time stamps. This can be accomplished by manually constructing
Signature: The HMAC-SHA1 signature calculated from the concatenation of
Timestamp, using your AWS Secret Access Key as the key. For example, in the following sample request, the value of the
Signature element is the HMAC-SHA1 digest of this string:
To calculate the signature
Concatenate the values of the
Timestamp request parameters, in that order.
Calculate an HMAC-SHA1 signature, using your Secret Access Key as the key.
Convert the resulting value to base64.
Pass the final value in the
Signature parameter of the Query request.
Example Query Snippet
&AWSAccessKeyId=0QY05JR56ZA8E56XPG82 &Signature=FvUH0tcso/u1P4vqJt7cXLPGrV8= &Timestamp=2009-01-23T00:43:12Z