Generally, Cloudinary provides comprehensive API client-libraries in order to save you the hassle of generating the HTTP request and the signature by yourself.
If you still require doing that on your own, you might want to check out how it's done on our client libraries. Below are some references to start from:
api_sign_request = function(params_to_sign, api_secret)
SignParameters(IDictionary<string, object> parameters)
cld utils api_sign_request $params_to_sign $api_secret
Few more tips:
- The string to sign must consist of a valid Timestamp (UNIX format), your account's
api_secretand any additional upload parameter in use except:
- String to sign must contain all required parameters sorted alphabetically, where the parameter names are separated from their values with an
=and the parameter/value pairs are joined together with an
&, and end with the
api_secretshould never be revealed to anyone who is not authorized, therefore should never be used on the client-side or inside your native application.
- Mobile native applications must either use an unsigned-upload or have a server to process the signature on.
- A signature is only valid for 1 hour since the timestamp it's based on.
- Sanity check - Signing the following string:
where `abcd` is the
api_secret, should result in the following signature:
- More information is available here: