APISigning now works with Amazon's Simple Email Service (SES)
The APISigning service will now work with Amazon's SES Service. See the SES Usage Page for more information
All requests to Amazon's Product Advertising API must now be signed
As of August 17th, 2009, Amazon now requires that all requests to their Product Advertising API be signed. The signature process verifies that requests made using your Access Key were actually requested by you.
To sign the request, your programming software needs to construct the request as it normally does. It then adds a timestamp, and then calculates a unique 'signature' (or 'hash') based on the request and your Amazon secret key. Since the request contains a timestamp, each hash value is unique and it must be calculated for every request.
The new request containing the signature is then sent to Amazon where they also calculate the signature for your request. If the signature that you sent matches the signature that they calculated, then your request goes through normally. If everything wasn't done exactly correct, you will receive a response like this:
<Code>SignatureDoesNotMatch</Code> <Message>The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.</Message>
The signature must be calculated exactly correct or else it won't match what the Amazon service is expecting and your request will be denied.
Any website or service that uses the Amazon Product Advertising API will need to be modified to include the proper signature. The exact method for doing so will depend on how your software was written. Commercial applications should receive updates from the application provider. Many open-source applications have also released updates. Websites that were custom programmed will need a programer to implement these changes. Some individuals and groups have released code samples for creating the required signatures, but making them work usually requires a bit of tweaking and manipulation to get it working just right.
Some programming languages don't contain functions for calculting the necessary crypt graphic hashes. For example, Excel macros and applications written in some less popular languages often don't have some required functions
Services that we provide
APISigning.com is a service provided by RoundSphere, LLC to address the implementation of these required changes. We provide two services:
Custom Programming - We can modify the source code for your website or application so that it will properly sign the Amazon API Requests. Our team of programmers has years of experience working with all types of websites and can quickly make the changes necessary to get your website or application working.