 | Documentation Feedback |  |
For security purposes, Amazon Fulfillment Web Service uses your AWS credentials and an HMAC-SHA1 signature in the header of each SOAP request. Specifically, you need to include the following required elements in the header:
AWSAccessKeyId: Your AWS Access Key ID
Timestamp: This must be a dateTime in the Coordinated Universal Time (Greenwich Mean Time) time zone, such as 2005-01-31T23:59:59:183Z (for more information, see About the Time Stamp). The request expires 15 minutes after the time stamp.
![[Note]](images/note.png) | Note |
|---|---|
Due to different interpretations regarding how extra time precision should be dropped, .NET users should take care not to send overly specific time stamps. This can be accomplished by manually constructing |
Signature: The HMAC-SHA1 signature calculated from the concatenation of Action+Timestamp, using your AWS Secret Access Key as the key. For example, in the following sample request, the value of the Signature element is the HMAC-SHA1 digest of this string: CreateQueue2005-01-31T23:59:59.183Z
To calculate the signature
Concatenate the values of the Action and Timestamp request parameters, in that order.
Calculate an HMAC-SHA1 signature, using your Secret Access Key as the key.
Convert the resulting value to base64.
Pass the final value in the Signature parameter of the SOAP request.
Example SOAP Header
<soapenv:Header>
<aws:AWSAccessKeyId
soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
soapenv:mustUnderstand="0"
xmlns:aws="http://security.amazonaws.com/doc/2007-01-01/"
>0QY05JR56ZA8E56XPG82</aws:AWSAccessKeyId>
<aws:Signature
soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
soapenv:mustUnderstand="0"
xmlns:aws="http://security.amazonaws.com/doc/2007-01-01/"
>FvUH0tcso/u1P4vqJt7cXLPGrV8=</aws:Signature>
<aws:Timestamp
soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
soapenv:mustUnderstand="0"
xmlns:aws="http://security.amazonaws.com/doc/2007-01-01/"
>2009-01-23T00:43:12Z</aws:Timestamp>
</soapenv:Header>
