Connecting to Azure via Postman

0
votes

We are trying to connect to Azure via postman but getting

"The MAC signature found in the HTTP request is not the same as any computed signature". What we are doing based on the documentation is to construct a string to sign:

GET\n\n\n\n\n\n\n\n\n\n\n\nx-ms-date:Wed, 24 Feb 2021 08:50:08 GMT\nx-ms-version:2020-04-08\n/myaccount/containername/filename

And then we decode the accesskey from base64

From there we use an online tool to encrypt the signature with HMAC SHA256 and the access key of the Azure portal.

Please see photo: Azure SharedKey

We used that as authorization header SharedKey myaccount:HashedOutput however we get this error: Error in Postman

Can someone advice on this? Thank you!

1
azurepostman

1 Answers

0
votes

If you request the Get Blob Rest API, the string-to-sign is correct. But the steps to encode the signature seem incorrect.

To encode the signature, call the HMAC-SHA256 algorithm on the UTF-8-encoded signature string and encode the result as Base64. Note that you also need to Base64-decode your storage account key.Use the following format (shown as pseudocode):

Signature=Base64(HMAC-SHA256(UTF8(StringToSign), Base64.decode(<your_azure_storage_account_shared_key>)))

enter image description here

Encode the signature using PHP:

$date = gmdate('D, d M Y H:i:s \G\M\T');
$version = "2020-04-08";
echo $date;

$stringtosign = "GET\n\n\n\n\n\n\n\n\n\n\n\nx-ms-date:". $date . "\nx-ms-version:".$version."\n/".$storageAccount."/".$containerName."/".$blobName;
$signature = 'SharedKey'.' '.$storageAccount.':'.base64_encode(hash_hmac('sha256', $stringtosign, base64_decode($account_key), true));
echo "\n\n" . $signature;

Encode the signature using Powershell: https://docs.microsoft.com/en-us/answers/questions/59066/create-authorization-header-with-shared-key-using.html