Generally Cloudinary provides a comprehensive API client-libraries in order to save you the hassle of generating the HTTP request and the signature by yourself.
If you still require doing that on your own, you might want to check out how it's done on our client libraries. Below are some references to start from:
Ruby On Rails:
api_sign_request = function(params_to_sign, api_secret)
apiSignRequest(Map<String, Object> paramsToSign, String apiSecret)
SignParameters(IDictionary<string, object> parameters)
Few more tips:
- The string to sign must consist of a valid Timestamp (UNIX format), your account's
api_secretand any additional upload parameter in use.
- String to sign must contain all required parameters sorted alphabetically, and end with the
api_secretshould never be revealed to anyone who is not authorized, therefore should never be used on the client side or inside your native application.
- Mobile native applications must either use an unsigned-upload or have a server to process the signature on.
- A signature is only valid for 1 hour since the timestamp it's based on.
- Sanity check - Signing the following string:
where `abcd` is the
api_secret, should result with the following signature:
- More information is available here: