Authenticate with AWS Signature authentication workflow in Postman

AWS Signature is the authorization workflow for Amazon Web Services requests. AWS uses a custom HTTP scheme based on a keyed-HMAC (Hash Message Authentication Code) for authentication.

The official AWS Signature documentation provides more detail:

• Signing and Authenticating REST Requests
• Use Postman to Call an API

To use AWS Signature, do the following:

1. In the Authorization tab for a request, select AWS Signature from the Auth Type dropdown list.

2. Select the location where Postman will append your AWS auth details using the Add authorization data to dropdown list. Select Request Headers or Request URL.

   • If you select Request Headers, Postman adds Authorization and X-Amz- prefixed fields in the Headers tab.
   • If you select Request URL, Postman adds the auth details in Params with keys prefixed X-Amz-.

3. Enter your AccessKey and SecretKey values. For extra security, use your Postman Vault to store sensitive data as vault secrets. Only you can access and use your vault secrets, and vault secrets aren't synced to the Postman cloud. If you want to share sensitive data with collaborators or access it in scripts, you can store it in an environment as a secret type variable.

   Learn more about the differences between vault secrets and variables.

4. You can optionally set advanced fields in the Advanced configuration section, but Postman generates these automatically if necessary.

The AWS Signature parameters are as follows:

• AWS Region - The region receiving the request (defaults to us-east-1).
• Service Name - The service receiving the request.
• Session Token - Required only when using temporary security credentials.