• Public
  • Public/Protected
  • All

Interface AwsSigningConfig

Configuration for use in AWS-related signing. AwsSigningConfig is immutable. It is good practice to use a new config for each signature, or the date might get too old.


  • AwsSigningConfig




Which signing process to invoke

Optional date

date: Date

Date and time to use during the signing process. If not provided then the current time in UTC is used. Naive dates (lacking timezone info) are assumed to be in local time

Optional expiration_in_seconds

expiration_in_seconds: number

Query param signing only: how long the pre-signed URL is valid for

Optional header_blacklist

header_blacklist: string[]

Headers to skip when signing.

Skipping auth-required headers will result in an unusable signature. Headers injected by the signing process are not skippable. This function does not override the internal check function (x-amzn-trace-id, user-agent), but rather supplements it. In particular, a header will get signed if and only if it returns true to both the internal check (skips x-amzn-trace-id, user-agent) and is found in this list (if defined)

Optional omit_session_token

omit_session_token: boolean

Should the session token be omitted from the signing process? This should only be true when making a websocket handshake with IoT Core.


provider: AwsCredentialsProvider

Credentials provider to fetch signing credentials with


region: string

The region to sign against

Optional service

service: string

Name of service to sign a request for

Optional should_normalize_uri_path

should_normalize_uri_path: boolean

Whether the resource paths are normalized when building the canonical request.


signature_type: AwsSignatureType

What kind of signature to compute

Optional signed_body_header

signed_body_header: AwsSignedBodyHeaderType

Controls what header, if any, should be added to the request, containing the body value

Optional signed_body_value

signed_body_value: string

Value to use as the canonical request's body value.

Typically, this is the SHA-256 of the payload, written as lowercase hex. If this has been precalculated, it can be set here. Special values used by certain services can also be set (see AwsSignedBodyValue). If undefined (the default), the typical value will be calculated from the payload during signing.

Optional use_double_uri_encode

use_double_uri_encode: boolean

Set true to double-encode the resource path when constructing the canonical request. By default, all services except S3 use double encoding.

Generated using TypeDoc