Request signing
cdpcurl
, the CDP SDK, and CDP CLI offer built-in request signing, but
if you use a different HTTP client to make an API call, you must generate the required
headers.
A CDP API call requires a request signature to be passed in the "x-altus-auth" header, along
with a corresponding timestamp in the "x-altus-date" header. cdpcurl
constructs the headers automatically. However, if you would rather use a different HTTP
client, such as ordinary curl
, you can use the cdpv1sign
script within cdpcurl
to generate these required headers.
You can then parse the header values from the script output and feed them to your preferred client. Note that CDP API services will reject calls with timestamps too far in the past, so generate new headers for each call.
For example:
$ cdpv1sign -X POST https://api.us-west-1.cdp.cloudera.com/api/v1/environments2/listEnvironments
Content-Type: application/json
x-altus-date: Fri, 28 Aug 2020 20:38:38 GMT
x-altus-auth: (long string value)
The request signing specification is available here.