I'm trying to use Invoke-WebRequest for retrieving an Auth Token, but I'm running into an error that says:
Invoke-RestMethod:
{
"message": "Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization header requires existence of either a 'X-Amz-Date' or a 'Date' header. (Hashed with SHA-256 and encoded with Base64) Authorization=.REDACTED"
}
I thought Invoke-WebRequest could handle Basic Auth since .NET 6 Core, so I'm wondering if I'm missing something or if this might be a bug. I've tested it in two ways: first, by generating headers manually using the older method, and second, by using the newer approach that supplies the credential. I checked that both manually created and automatically generated headers match, so it doesn't seem to be an issue there.
Here's my code snippet for clarity:
$test = $authClientID+":"+$authSecret
$auth = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($test))
$secretIN = ConvertTo-SecureString $authSecret -AsPlainText
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization","Basic "+$auth)
$cred = New-Object System.Management.Automation.PSCredential($authClientID, $secretIN)
$body = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$body.Add("grant_type","client_credentials")
$body.Add("scope","read")
$webResponse0 = Invoke-RestMethod -Uri $tokenRequestUrl -Body $body -SessionVariable myRequest0 -Authentication Basic -Credential $cred
$webResponse1 = Invoke-RestMethod -Uri $tokenRequestUrl -Body $body -SessionVariable myRequest1 -Headers $headers -Method POST
$myRequest0.Headers.Authorization -eq $myRequest1.Headers.Authorization
1 Answer
It seems like the issue you’re running into isn't with your code so much as with the type of authentication being used. The error message points toward a need for headers that are typically found in AWS Signature versions, which might indicate you're mixing up Open API specifications with AWS authentication methods. You might want to check AWS’s documentation about request signing to see if that’s what’s required here.
Totally! That header issue points towards AWS-style signing. Looks like providing the right `X-Amz-Date` or `Date` headers might be crucial for your request to go through. Definitely worth reviewing AWS guidelines!