We are just getting started with Postman, and have run into an issue with AWS Signature authorization. If I understand the problem correctly, there may be a bug in how the host header is added into the canonical string which is then used to calculate the signature.
If we make a POST to https://aws-api-gateway-url:443/path, we get the following response:
{
"message": "The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. ..."
}
However, if we make a POST to https://aws-api-gateway-url/path (no port), we get a valid response.
Next observation comes from comparing the host header (under the Headers tab, there is a calculated header host: aws-api-gateway-url:443 – includes port) to the suggested header in the error message returned (...The Canonical String for this request should have been ... host:aws-api-gateway-url ... – no port).
Is it possible that Postman is including the port in the generated host header when AWS is not, and thus this breaks the signature, at least for the default https port?
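The mismatch described in the post can be reproduced offline. The following is an added example, not part of the original post and not Postman's or AWS's code: it computes a Signature Version 4 signature over the `host` and `x-amz-date` headers with and without `:443`, and shows a hypothetical `canonical_host` helper that drops the scheme's default port before signing. It assumes the server canonicalizes the host without the default port, as the quoted error message indicates; the secret key, date, region and request body are constructed.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

DEFAULT_PORTS = {"https": 443, "http": 80}

def canonical_host(url):
    """Host value to sign: the scheme's default port is dropped, others kept."""
    parts = urlsplit(url)
    host = parts.hostname  # lowercased by urlsplit; IPv6 literals not handled here
    if parts.port is not None and parts.port != DEFAULT_PORTS.get(parts.scheme):
        host = f"{host}:{parts.port}"
    return host

def _hmac(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def sigv4_signature(host, path, body, amz_date, region, service, secret):
    """SigV4 signature of a POST that signs only the host and x-amz-date headers."""
    canonical_request = "\n".join([
        "POST", path, "",                          # method, URI, empty query string
        f"host:{host}\nx-amz-date:{amz_date}\n",   # canonical headers
        "host;x-amz-date",                         # signed header names
        hashlib.sha256(body).hexdigest(),
    ])
    scope = f"{amz_date[:8]}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", amz_date, scope,
        hashlib.sha256(canonical_request.encode()).hexdigest(),
    ])
    key = ("AWS4" + secret).encode()
    for part in scope.split("/"):  # date, region, service, "aws4_request"
        key = _hmac(key, part)
    return hmac.new(key, string_to_sign.encode(), hashlib.sha256).hexdigest()

# Constructed inputs: placeholder host from the post, made-up key, date and region.
ARGS = ("/path", b"{}", "20240101T000000Z", "us-east-1", "execute-api", "EXAMPLE-SECRET")

def demo():
    with_port = sigv4_signature("aws-api-gateway-url:443", *ARGS)
    server_view = sigv4_signature("aws-api-gateway-url", *ARGS)
    fixed = sigv4_signature(canonical_host("https://aws-api-gateway-url:443/path"), *ARGS)
    return with_port, server_view, fixed

if __name__ == "__main__":
    with_port, server_view, fixed = demo()
    print("signed with :443 matches server:", with_port == server_view)
    print("signed after normalising matches:", fixed == server_view)
```

Because the host value is part of the hashed canonical request, a single `:443` suffix changes the whole signature, which is why the server reports a generic signature mismatch rather than a header error.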