Skip to main content

Invalid Signature on Uploads (Happens intermittently)

Comments

5 comments

  • Michal Kuperman

    Hi, Can you please check that the params you used to sign (specifically public_id, timestamp) match the params you get in the error? In addition, please check that you are using the correct api_secret as well.

    0
  • Pet Giving

    There's a 1 second difference between the timestamp I create and the one that comes back in the error msg.  Why might this be? 

     

    EDIT - figured out is just a hash comparison. I'm assuming the timestamp from the sig gets compared to the created_at property generated in the widget.  Any suggestions?

    0
  • Shirly Manor

    Hi,

    Looking at the string to sign:


     'public_id=909be419-5d43-43f5-b5a9-a78e6222cd87&source=uw&timestamp=1591295003&upload_preset=overwrite_videos'

     

    And it seems that we missed the API Secret at the end of the string.

    If your API Secret is `abcd` It should look like:

     'public_id=909be419-5d43-43f5-b5a9-a78e6222cd87&source=uw&timestamp=1591295003&upload_preset=overwrite_videosabcd'

    You can read more about it here:

    https://cloudinary.com/documentation/upload_images#generating_authentication_signatures

    Please let us know if that helps,

    0
  • Pet Giving

    This doesn't help.  We using the official Cloudinary to generate the SHA1 hash.  The string in the error isn't what we send  HASH's can't be decrypted.

     

    Also your comment doesn't explain why it works most of the time.

    0
  • Shirly Manor

    Hi, 

    For security reasons, can you please open a ticket at support@cloudinary.com and we can check this issue together?

    Best,

    0

Post is closed for comments.