Generating Signatures

Generate Signatures Using REST API

You can use the REST API to generate signatures. This is a simple interface suitable for generating a small number of signatures. If you need to generate a high volume of signatures (e.g., thousands per second), we recommend using one of the url-signer libraries. Review our REST API documentation here.

Generate Signatures Using url-signer Libraries

IO River provides url-signer libraries that can be used for generating signatures offline. These libraries are optimized for generating high volumes of signatures and are available in multiple programming languages:

• url-signer-python: GitHub Repository
• url-signer-nodejs: GitHub Repository

Refer to the README section in the respective repositories for details on how to use the url-signer libraries.

Required Information for Generating a Signature

To generate a signature, the following information is required:

• Private Key and Encryption Key: The keys used when configuring the verification key.
• Provider Key Information: This can be retrieved from the list of keys in the UI by clicking on the </> icon.
• Policy to Sign: A JSON object containing the attributes outlined below.

Policy Attributes

• resources (required): A string specifying the URL or URL pattern the policy applies to.
• condition (required): A dictionary containing the conditions for the policy.
  • end_time (required): An integer specifying the UNIX timestamp when the signature will expire.
  • start_time (optional): An integer specifying the UNIX timestamp when the signature becomes valid.

Example Policy

{
    "resources": "https://test.example.com/streams/*",
    "condition": {
        "end_time": 1733356800
    }
}