Example REST Requests

Product Advertising API: 2009-11-01

previous page next page

Example REST Requests

In this section we'll walk you through the steps to sign a request. We'll use "dummy" AWS access identifiers that you can use as well. If you follow along these steps using these same identifiers, you will generate the same signature string that this example shows. This will help you to verify that your own code works correctly. After this detailed example, we'll also show you more streamlined examples for other requests.

[Tip] Tip

If you aren't familiar with REST requests, read Anatomy of a REST Request before continuing with this example.

For the detailed example we'll use a typical ItemLookup request:

http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic
e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId
=0679722769&ResponseGroup=ItemAttributes,Offers,Images,Reviews&Ve
rsion=2009-01-06

Steps to Sign the Example Request

  1. Enter the timestamp. For this example, we'll use GMT time of 2009-01-01T12:00:00Z

    http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic
e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId
=0679722769&ResponseGroup=ItemAttributes,Offers,Images,Reviews&Ve
rsion=2009-01-06&Timestamp=2009-01-01T12:00:00Z

  2. URL encode the request's comma (,) and colon (;) characters, so that they don't get misinterpreted. For more information about converting to RFC 3986 specifications, see documentation and code samples for your programming language. 

    http://webservices.amazon.com/onca/xml?Service=AWSECommerceServic
e&AWSAccessKeyId=00000000000000000000&Operation=ItemLookup&ItemId
=0679722769&ResponseGroup=ItemAttributes%2COffers%2CImages%2CRevi
ews&Version=2009-01-06&Timestamp=2009-01-01T12%3A00%3A00Z
    [Important] Important

    Be sure that you do not double-escape any characters.

  3. Split the parameter/value pairs and delete the ampersand characters (&) so that the example looks like the following:

    Service=AWSECommerceService
AWSAccessKeyId=00000000000000000000
Operation=ItemLookup
ItemId=0679722769
ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews
Version=2009-01-06
Timestamp=2009-01-01T12%3A00%3A00Z

  4. Sort your parameter/value pairs by byte value (not alphabetically, lowercase parameters will be listed after uppercase ones).

    AWSAccessKeyId=00000000000000000000
ItemId=0679722769
Operation=ItemLookup
ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews
Service=AWSECommerceService
Timestamp=2009-01-01T12%3A00%3A00Z
Version=2009-01-06

  5. Rejoin the sorted parameter/value list with ampersands. The result is the canonical string that we'll sign:

    AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=I
temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview
s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&
Version=2009-01-06

  6. Prepend the following three lines (with line breaks) before the canonical string:

    GET
webservices.amazon.com
/onca/xml

  7. The string to sign:

    GET
webservices.amazon.com
/onca/xml
AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=I
temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview
s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&
Version=2009-01-06

  8. Calculate an RFC 2104-compliant HMAC with the SHA256 hash algorithm using the string above with our "dummy" Secret Access Key: 1234567890. For more information about this step, see documentation and code samples for your programming language. 

    Nace+U3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg=

  9. URL encode the plus (+) and equal (=) characters in the signature:

    Nace%2BU3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg%3D

  10. Add the URL encoded signature to your request and the result is a properly-formatted signed request:

    http://webservices.amazon.com/onca/xml?AWSAccessKeyId=00000000000
000000000&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=It
emAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceServ
ice&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06&Signatu
re=Nace%2BU3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg%3D

Examples of Other Signed Requests

The previous section went through a detailed process for signing an ItemLookup request. This section presents examples of unsigned requests, the string to sign generated from them, and the final signed request. These examples can make excellent test cases for your software. All examples use the "dummy" AWS access identifiers used earlier in the Steps to Sign the Example Request.

ItemSearch Examples

The following examples show the ItemSearch request without a signature, with the string to sign, and the signed request.

Original Unsigned Request

http://ecs.amazonaws.co.uk/onca/xml?Service=AWSECommerceService&A
WSAccessKeyId=00000000000000000000&Operation=ItemSearch&Actor=Joh
nny%20Depp&ResponseGroup=ItemAttributes,Offers,Images,Reviews,Var
iations&Version=2009-01-01&SearchIndex=DVD&Sort=salesrank&Associa
teTag=mytag-20

String to Sign

GET
ecs.amazonaws.co.uk
/onca/xml
AWSAccessKeyId=00000000000000000000&Actor=Johnny%20Depp&Associate
Tag=mytag-20&Operation=ItemSearch&ResponseGroup=ItemAttributes%2C
Offers%2CImages%2CReviews%2CVariations&SearchIndex=DVD&Service=AW
SECommerceService&Sort=salesrank&Timestamp=2009-01-01T12%3A00%3A0
0Z&Version=2009-01-01

Signed Request

http://ecs.amazonaws.co.uk/onca/xml?AWSAccessKeyId=00000000000000
000000&Actor=Johnny%20Depp&AssociateTag=mytag-20&Operation=ItemSe
arch&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews%2CV
ariations&SearchIndex=DVD&Service=AWSECommerceService&Signature=T
uM6E5L9u%2FuNqOX09ET03BXVmHLVFfJIna5cxXuHxiU%3D&Sort=salesrank&Ti
mestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01

CartCreate Examples

The following examples show the CartCreate request without a signature, with the string to sign, and the signed request.

Original Unsigned Request

http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS
AccessKeyId=00000000000000000000&Operation=CartCreate&Version=200
9-01-01&Item.1.OfferListingId=j8ejq9wxDfSYWf2OCp6XQGDsVrWhl08GSQ9
m5j%2Be8MS449BN1XGUC3DfU5Zw4nt%2FFBt87cspLow1QXzfvZpvzg%3D%3D&Ite
m.1.Quantity=3&AssociateTag=mytag-20

String to Sign

GET
ecs.amazonaws.com
/onca/xml
AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&Item.1.
OfferListingId=j8ejq9wxDfSYWf2OCp6XQGDsVrWhl08GSQ9m5j%2Be8MS449BN
1XGUC3DfU5Zw4nt%2FFBt87cspLow1QXzfvZpvzg%3D%3D&Item.1.Quantity=3&
Operation=CartCreate&Service=AWSECommerceService&Timestamp=2009-0
1-01T12%3A00%3A00Z&Version=2009-01-01

Signed Request

http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000
0000&AssociateTag=mytag-20&Item.1.OfferListingId=j8ejq9wxDfSYWf2O
Cp6XQGDsVrWhl08GSQ9m5j%2Be8MS449BN1XGUC3DfU5Zw4nt%2FFBt87cspLow1Q
XzfvZpvzg%3D%3D&Item.1.Quantity=3&Operation=CartCreate&Service=AW
SECommerceService&Signature=cF3UtjbJb1%2BxDh387C%2FEmS1BCtS%2FZ01
taykBCGemvUU%3D&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-0
1-01

ListSearch Examples

The following examples show the ListSearch request without a signature, with the string to sign, and the signed request.

Original Unsigned Request

http://ecs.amazonaws.jp/onca/xml?Service=AWSECommerceService&AWSA
ccessKeyId=00000000000000000000&Operation=ListSearch&Version=2009
-01-01&ListType=WishList&Name=wu&AssociateTag=mytag-20

String to Sign

GET
ecs.amazonaws.jp
/onca/xml
AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&ListTyp
e=WishList&Name=wu&Operation=ListSearch&Service=AWSECommerceServi
ce&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01

Signed Request

http://ecs.amazonaws.jp/onca/xml?AWSAccessKeyId=00000000000000000
000&AssociateTag=mytag-20&ListType=WishList&Name=wu&Operation=Lis
tSearch&Service=AWSECommerceService&Signature=aMFgBNKPrz9PRR9Ato7
yanlaG%2FPkQsNxIWYbLD1V9Zc%3D&Timestamp=2009-01-01T12%3A00%3A00Z&
Version=2009-01-01

ListLookup Examples

The following examples show the ListLookup request without a signature, with the string to sign, and the signed request.

Original Unsigned Request

http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS
AccessKeyId=00000000000000000000&Operation=ListLookup&Version=200
9-01-01&ListId=34AN6HPUN5AMX&AssociateTag=mytag-20&ListType=WishL
ist&ResponseGroup=ListItems,Offers,Images

String to Sign

GET
ecs.amazonaws.com
/onca/xml
AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&ListId=
34AN6HPUN5AMX&ListType=WishList&Operation=ListLookup&ResponseGrou
p=ListItems%2COffers%2CImages&Service=AWSECommerceService&Timesta
mp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01

Signed Request

http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000
0000&AssociateTag=mytag-20&ListId=34AN6HPUN5AMX&ListType=WishList
&Operation=ListLookup&ResponseGroup=ListItems%2COffers%2CImages&S
ervice=AWSECommerceService&Signature=H5u4W10g0vmyB1KA6hmkrea36AFv
SryL9SQfPejvWNs%3D&Timestamp=2009-01-01T12%3A00%3A00Z&Version=200
9-01-01

BrowseNodeLookup Examples

The following examples show the BrowseNodeLookup request without a signature, with the string to sign, and the signed request.

Original Unsigned Request

http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS
AccessKeyId=00000000000000000000&Operation=BrowseNodeLookup&Versi
on=2009-01-01&BrowseNodeId=465600&AssociateTag=mytag-20&ResponseG
roup=BrowseNodeInfo,TopSellers,NewReleases,MostWishedFor,MostGift
ed

String to Sign

GET
ecs.amazonaws.com
/onca/xml
AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&BrowseN
odeId=465600&Operation=BrowseNodeLookup&ResponseGroup=BrowseNodeI
nfo%2CTopSellers%2CNewReleases%2CMostWishedFor%2CMostGifted&Servi
ce=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version
=2009-01-01

Signed Request

http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000
0000&AssociateTag=mytag-20&BrowseNodeId=465600&Operation=BrowseNo
deLookup&ResponseGroup=BrowseNodeInfo%2CTopSellers%2CNewReleases%
2CMostWishedFor%2CMostGifted&Service=AWSECommerceService&Signatur
e=kEXxAIqhh6eBhLhrVMz2gt3ocMaH%2FOBVPbjvc9TG8ao%3D&Timestamp=2009
-01-01T12%3A00%3A00Z&Version=2009-01-01

SimilarityLookup Examples

The following examples show the SimilarityLookup request without a signature, with the string to sign, and the signed request.

Original Unsigned Request

http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWS
AccessKeyId=00000000000000000000&Operation=SimilarityLookup&ItemI
d=B0011ZK6PC,B000NK8EWI&Version=2009-01-01&AssociateTag=mytag-20&
ResponseGroup=Offers,ItemAttributes&SimilarityType=Intersection&C
ondition=New&Merchant=Amazon

String to Sign

GET
ecs.amazonaws.com
/onca/xml
AWSAccessKeyId=00000000000000000000&AssociateTag=mytag-20&Conditi
on=New&ItemId=B0011ZK6PC%2CB000NK8EWI&Merchant=Amazon&Operation=S
imilarityLookup&ResponseGroup=Offers%2CItemAttributes&Service=AWS
ECommerceService&SimilarityType=Intersection&Timestamp=2009-01-01
T12%3A00%3A00Z&Version=2009-01-01

Signed Request

http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=0000000000000000
0000&AssociateTag=mytag-20&Condition=New&ItemId=B0011ZK6PC%2CB000
NK8EWI&Merchant=Amazon&Operation=SimilarityLookup&ResponseGroup=O
ffers%2CItemAttributes&Service=AWSECommerceService&Signature=I2pb
qxuS%2FmZK6Apwz0oLBxJn2wDL5n4kFQhgYWgLM7I%3D&SimilarityType=Inter
section&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-01
previous page start next page