On May 23, 2014, at 1:40 PM, Phillip Kent <phillip.k...@gmail.com> wrote:
> Dear all, > > I am trying out the API call expiration option and my experience does > not agree with the documentation. > [see > http://docs.cloudstack.apache.org/en/master/dev.html#the-cloudstack-api > ] > > Can anyone confirm my experience? > > The doc suggests that the timestamp can be sent in the URL in the > un-encoded form: > expires=2014-05-23T11:33:38+0000 > but for me it only works with URL encoding: > expires=2014-05-23T11%3A33%3A38%2B0000 > > Also, the documentation is vague about whether the 'expires' and > 'signatureVersion' parameters are included in the signature hashing. So > far as I can understand they have to be included. > > The misleading thing is that the doc uses the same signature string > again and again: it looks like a cut and paste job, not actual > signatures computed for the different requests. > well the signatures are computed with the secret key, so in any case it will be different. not sure, but I fixed some of the formatting issues in the docs. > Thx Phillip > > > >