Three ways to sign URLs for Amazon Web Services

Last week I was doing some experiments with the Amazon web service API. For the most part it is pretty self explanatory. The part that was difficult was figuring out how to construct the URL so it can authenticate with Amazon. In researching this issue I found three different solutions. I’m writing them down here mainly for my own needs so I can find it later.

Flex/Flash/AIR apps: You can use the ActionScript code here: Signing Amazon Web Service Requests in ActionScript

JavaScript apps: Technically this isn't a library, but Amazon has an online URL signer here: Signed Requests Helper. You can view source to see the JavaScript used. I'm not sure you would ever use this in production as it implies putting your access keys in the view source, but it's another option.

ColdFusion apps: I used the Amazon Product Advertising API Signature Generator from Tim Dawe and it worked very easily. You provide the "base" URL and the CFC will handle returning the URL with all the extra crap at the end. So for example:

<cfset accesskey = "key here"> <cfset secretkey = "secret key here"> <cfset theurl = "http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&Operation=ItemSearch&SearchIndex=Music&Keywords=Depeche+Mode+Violator&ResponseGroup=Images&AWSAccessKeyId=#accesskey#"> <cfset theurl = signRequest(theurl, secretkey)> <cfhttp url="#theurl#">

In case you are curious, that code above did an image search on the Depeche Mode Violator album which returned the CD cover. Pretty cool (and yes, it's what I was originally trying to do).

Raymond Camden's Picture

About Raymond Camden

Raymond is a developer advocate. He focuses on JavaScript, serverless and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support.

Lafayette, LA https://www.raymondcamden.com

Comments