App signed request

A signed request is an object representing a HTTP request, that includes a signature header and some additional metadata.

Installing an app whose AppDefinition has an associated AppSigningSecret into a space allows users with access to that space to use the Content Management API to sign any request.

To do this, the full request needs to be submitted, and the computed signature will be returned, along with some additional headers. Including these headers in your subsequent request makes it possible for the receiving party to verify the request.

Requests expecting to be signed need to be in the following format:

Field	Type	Required	Description
method	String	true	The HTTP method of the request to be signed.
path	String	true	The canonical path of the request to be signed. Should not include the procotol, host, or port.
headers	Object	false	A map of headers and their values to be signed, can be left empty if no headers need to be signed.
body	String	false	The request body as a string. When sending JSON, pass the stringified version.

Create a signed request