This support forum is no longer in use. Please use the Cloudinary Community at https://community.cloudinary.com/ to receive assistance from other members of the community and from Cloudinary's support team. For account-specific questions or if you believe that you've encountered a bug, please contact the Cloudinary team directly via the "submit a request" option on this support site.

Not able to use signed preset for signed upload using signature

Follow
Avatar
Viral Thakker

Hi,

I am not able to use the signed preset with the signature generated on the server side and getting this error 
 Server returned unexpected status code - 401 - {"error":{"message":"Invalid Signature ce663b63ba1c65ea97116f90244012659a000e1a. String to sign - 'timestamp=1645771542'."}}

Also would like to know what is the difference between authenticated delivery type and private delivery type? 


0

Comments

4 comments

Sort by Date Votes
  • Avatar
    Stephen Doyle

    Hi,

    The most likely reason for the error above is that the signature is indeed incorrect. Please check the exact API call that was made against the values you used to create the signature - the error shows you which parameters were received on the API call and that we used to validate if the signature you provided was correct.

    Assuming that you don't have other parameters used, a possible issue is if you didn't pass the same timestamp to the frontend that was used to create the signature, and the frontend sent a different timestamp.

    If you still can't see the source of the issue, please contact us directly with your account details and the details of how you're creating the signature and we can assist further.

    Regarding the different delivery types related to access control, there's a guide here with more information: https://cloudinary.com/documentation/control_access_to_media

    At a high level, the main difference is:

    • `private` delivery type - The original asset can't be downloaded without a signature, but derived versions of the asset are publicly accessible. This is often used in conjunction with "strict transformations" to limit which derived versions can be created automatically
    • `authenticated` delivery type: both the original and derived assets require a signature to be accessed

    Please let me know if that helps and if there's anything else I can help with

    Regards,
    Stephen

    0
    Comment actions Permalink
  • Avatar
    Viral Thakker

    This is the code that is used to generate a signature at the backend.

    exports.createCloudinarySignature = functions.https.onCall(logApi((data, context) => {
    return validateAuth(data, context, function (user, callback) {
        const timestamp = Math.round((new Date).getTime()/1000);
        const apiSecret = cloudinary.config().api_secret;
        const apiKey = cloudinary.config().api_key;
        const signature = cloudinary.utils.api_sign_request({
            timestamp: timestamp,
            folder: 'Test-Viva'}, apiSecret);

        callback(null, {signature, timestamp, apiKey});
    });
}));
    0
    Comment actions Permalink
  • Avatar
    Stephen Doyle

    Hi,

    In your code you're specifying a "folder" parameter when creating the signature but there isn't a "folder" parameter on the API call. Can you check that please?

    The parameters used to create the signature and the parameters sent on the API call must match - in the error response you can see which parameters we received on the API call and used to validate the signature.

    Regarding the validity - the timestamp specified in the API call must be less than 1 hour old: https://cloudinary.com/documentation/upload_images#uploading_with_a_direct_call_to_the_rest_api

    Regards,

    Stephen

    0
    Comment actions Permalink
  • Avatar
    Viral Thakker

    Thank you Stephen for the quick help,

    That actually solve the problem. 

    0
    Comment actions Permalink

Post is closed for comments.