All Products
Search

This Product

    Object Storage Service:0002-00000222

    Document Center

    Object Storage Service:0002-00000222

    Last Updated:Mar 28, 2025

    Problem description

    The value of the AccessKeyId field of the x-oss-credential parameter in the request is invalid.

    Causes

    You initiated a request that uses a V4 signature, but the value of the AccessKeyId field of the x-oss-credential parameter is invalid.

    Examples

    The URL of the request uses the V4 signature, but the value of the AccessKeyId field of the x-oss-credential parameter is invalid. 

    GET /oss.jpg?x-oss-signature-verion=OSS4-HMAC-SHA256&x-oss-credential=\rabc/20221220/cn-hangzhou/oss/aliyun_v4_request&x-oss-expires=1141889120&x-oss-additional-headers=host&x-oss-signature=8u**a3 HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT

    The x-oss-signature parameter in the request is required to specify the signature. The x-oss-signature parameter must be in the following format: <AccessKeyId>/<SignDate>/<Region>/oss/aliyun_v4_request. In the preceding example, the value of the AccessKeyId field is invalid because the value contains the invalid characters \rabc.

    Solutions

    You must specify the x-oss-signature-verion, x-oss-credential, x-oss-expires, and x-oss-signature fields in the request. You can specify the x-oss-additional-headers field as needed. The following code provides an example on how to specify the x-oss-credential field:

    GET /oss.jpg?x-oss-signature-verion=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20221220/cn-hangzhou/oss/aliyun_v4_request&x-oss-expires=1141889120&x-oss-additional-headers=host&x-oss-signature=8u**a3 HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT

    References

    • For information about how to use Alibaba Cloud SDKs to initiate a request that uses the V4 signature, see Overview.

    • Calculate the signature:

      If the server returns a response that contains the StringToSign parameter, you must check whether the value of the StringToSign parameter on the server is the same as the string before calculation.