Which methods could the developer use to complete a signed request?

By:
In: DVA-C01
Tagged:
With: 1 Comment
A developer is developing an application that uses signed requests (Signature Version 4) to call other AWS services.The developer has created a canonical request, has created the string to sign, and has calculated signing information.

Which methods could the developer use to complete a signed request?

(Choose two.)

Add the signature to an HTTP header that is named Authorization

Add the signature to a session cookie

Add the signature to an HTTP header that is named Authentication

Add the signature to a query string parameter that is named X-Amz-Signature

Add the signature to an HTTP header that is named WWW-Authenticate

Explanations:

The signature must be added to the HTTP header named “Authorization” as per AWS Signature Version 4 specifications. This header includes credentials and additional information required for authentication.

Adding the signature to a session cookie is not a standard method for AWS Signature Version 4. Cookies are generally used for session management and do not comply with the requirements for signed requests.

The header named “Authentication” is not recognized in AWS Signature Version 4. The correct header to include the signature is “Authorization.”

It is acceptable to add the signature to a query string parameter named “X-Amz-Signature.” This method is valid for including the signature when making requests via HTTP GET, particularly when using URL signing.

The header “WWW-Authenticate” is used primarily in the context of authentication challenges (like Basic or Digest authentication) and does not apply to AWS Signature Version 4. The signature should not be placed in this header.

2025-10-06

1 Comment

  1. Albert
    Author

    I infer that the answer is:
    Add the signature to an HTTP header that is named Authorization

Leave a Reply to Albert Cancel reply

Your email address will not be published. Required fields are marked *

4 × two =