Overview
Sources
Libraries
Images API

Source Security

Sources can have an extra security layer enabling secured requests. In this section, we will explain how secured requests and signatures work on imglab.

How secured requests works

By default, sources have secured requests disabled. This means that anybody with access to an imglab URL can modify their parameters (e.g. removing the watermark or removing size parameters to get the original size image).

To avoid this scenario it is possible and highly recommended to enable secured requests for a source. When secured requests are enabled for a source only requests with a valid signature will return a successfully response.

Signed requests are those that have a valid signature parameter at the end of the URL like the following one:

https://assets.imglab-cdn.net/flowers.jpeg?width=500&signature=itoE2Y-wg07flJCjFyUJIFFjHa8C_a2yoX4UEvLx6_c

Any attempt to change or modify the parameters of the previous URL without generating a new valid signature will finish with imglab responding with a 403: Invalid signature error.

Signatures are generated normally by one of our integration libraries when a secure key and salt are specified for the source. If you need to know how signatures are generated please take a look to the signature article on Images API documentation.

How to create sources with secured requests enabled

  1. On imglab go to Sources section and click on Add Source.
  2. Set a valid Name.
  3. On the Security section select Secured Requests.
  4. Fill the rest of necessary attributes depending of the source type and click on Create Source.

It is possible to enable secured requests after a source has been create. Follow these steps:

  1. On imglab go to Sources section and click on the source that you want to change.
  2. Once you are viewing the source details go to Security section and click on Enable Security button.
  3. You will see a dialog asking for confirmation, click on Accept.
  4. You will see that Security section of the source is showing now that secured requests are in use and you can obtain secure key and salt for the source.

How to get secure key and secure salt for a source

Once you have a source with Secured Request enabled you can access his secure key and secure salt values following these steps:

  1. On imglab go to Sources section and click on the desired source.
  2. Once you are viewing the source details go to Security section and copy the content of Secure Key and Secure Salt to your integration code.