Authenticate with AWS Signature authentication workflow in Postman

AWS Signature is the authorization workflow for Amazon Web Services requests. AWS uses a custom HTTP scheme based on a keyed-HMAC (Hash Message Authentication Code) for authentication.

The official AWS Signature documentation provides more detail:

To use AWS Signature, do the following:

  1. In the Authorization tab for a request, select AWS Signature from the Type dropdown list.

  2. Select the location where Postman will append your AWS auth details using the Add authorization data to dropdown list, choosing the request headers or URL.

    • If you select Request Headers, Postman will add Authorization and X-Amz- prefixed fields in the Headers tab.
    • If you select Request URL, Postman will add the auth details in Params with keys prefixed X-Amz-.
  3. Enter your access key and secret values directly in the fields. For extra security, use your Postman Vault to store sensitive data as vault secrets. Only you can access and use your vault secrets, and vault secrets aren't synced to the Postman cloud. If you want to share sensitive data with collaborators or access it in scripts, you can store it in an environment as a secret type variable.

    Learn more about the differences between vault secrets and variables.

  4. You can optionally set advanced fields, but Postman will autogenerate these if necessary.

The AWS Signature parameters are as follows:

  • AWS Region - The region receiving the request (defaults to us-east-1).
  • Service Name - The service receiving the request.
  • Session Token - Required only when using temporary security credentials.

Last modified: 2023/05/30