Signature is a required parameter for secured sources (sources that have secured request enabled).
This parameter is a cryptographic HMAC Base64 encoded string that needs to be added as the last query parameter of the URL when the requested source has secured request enabled.
If the signature parameter is invalid or missing for a secure source imglab will respond with a 403 Forbidden HTTP error.
An example of URL with signature:
https://assets.imglab-cdn.net/flowers.jpeg?width=500&height=600&signature=llpPlSxPvEZGyE7c9jzgrqug93vewO_L8UvvZhysK18
Signature parameters are automatically generated if you are using one of our integration libraries and the specified source has a secure key and salt.
Calculate signature
The required values to generate a signature value are:
-
Base64 decoded source secure key.
-
Base64 decoded source secure salt.
-
Path to the resource (not including slash). i.e.
flowers.jpeg
-
URL encoded query parameters (if the request has parameters). i.e.
width=500&height=600
The steps to generate the signature value are as follows:
-
Add Base64 decoded source secure salt.
-
Add a slash character
/.
-
Add the path to the resource.
-
Add a question mark character
? (only if the request has query parameters).
-
Add URL encoded query parameters (only if the request has query parameters).
-
Generate HMAC digest using SHA256 and the Base64 decoded secure key.
-
Encode the result as Base64 URL safe without padding.
Notes on security
Signature parameter allow us to avoid malicious users to requests images with different parameters to the ones present in the original request. It is the recommended way to generate URLs with imglab.