Sources can have an extra security layer enabling secured requests. In this section, we will explain how secured requests and signatures work on imglab.
How secured requests works
By default, sources have secured requests disabled. This means that anybody with access to an imglab URL can modify their parameters (e.g. removing the watermark or removing size parameters to get the original size image).
To avoid this scenario it is possible and highly recommended to enable secured requests for a source. When secured requests are enabled for a source only requests with a valid signature will return a successfully response.
Signed requests are those that have a valid
signature parameter at the end of the URL like the following one:
Any attempt to change or modify the parameters of the previous URL without generating a new valid
signature will finish with imglab responding with a
403: Invalid signature error.
Signatures are generated normally by one of our integration libraries when a secure key and salt are specified for the source. If you need to know how signatures are generated please take a look to the signature article on Images API documentation.
How to create sources with secured requests enabled
On imglab go to Sources section and click on Add Source.
Set a valid Name.
On the Security section select Secured Requests.
Fill the rest of necessary attributes depending of the source type and click on Create Source.
It is possible to enable secured requests after a source has been create. Follow these steps:
On imglab go to Sources section and click on the source that you want to change.
Once you are viewing the source details go to Security section and click on Enable Security button.
You will see a dialog asking for confirmation, click on Accept.
You will see that Security section of the source is showing now that secured requests are in use and you can obtain secure key and salt for the source.
How to get secure key and secure salt for a source
Once you have a source with Secured Request enabled you can access his secure key and secure salt values following these steps:
On imglab go to Sources section and click on the desired source.
Once you are viewing the source details go to Security section and copy the content of Secure Key and Secure Salt to your integration code.