View Full Version : Moving to a signed request with Amazon Web Services (AWS)

Blue Cat Buxton
07-17-2009, 02:40 AM
With effect from 15 August 2009, AWS will require all requests to their product advertising API database to be signed to authenticate the request. The signing process uses public key cryptography to effectively encode your request to Amazon, and decode the response. There is a stack of documentation on the AWS website that explains how it all works, but effect, and thanks to some nifty plugins this is relatively simple to achieve.

Firstly you need 2 pieces of information from Amazon, your public key and your private key. From aws.amazon.com go to ‘Your Account’ and select the ‘Access Identifiers’ link. From that page select the ‘AWS Access Key Identifiers’ link.

Your public key is the one shown on the page as Your Access Key ID. The private key, described as Your Secret AccessKey, is hidden until you select the show link.

Make a note of both of these.

You then need to head over to http://mierendo.com/software/aws_signed_query/ and download the include file that you will find there. Save the file as aws_signed_request.php and upload it to your server.

I also needed the sha256.inc.php include file called from aws_signed_request.php which you can get here: http://www.nanolink.ca/pub/sha256/

To call the application and make a request to Amazon the mierendo script needs the 2 keys, the Amazon region (ie com) and the parameters you want to search Amazon with.

The following code gives you the xml feed that you can then parse in your preferred way:


$public_key = "your_public_key_here";
$private_key = " your_private_key_here ";


$xmlfeed = aws_signed_request("com", array("Operation"=>"ItemLookup","ItemId"=>$SearchString,"ResponseGroup"=>$Type), $public_key, $private_key);

echo $xmlfeed;


07-19-2009, 09:17 AM
Thanks, hopefully I can get it to work with my script.