Example OAuth Header

Warning:

As of 2023.1, the support ended for the HMAC-SHA1 signature method.

The following code sample shows a correctly formatted OAuth header.

Important:

All encoding in TBA is percent encoding. Strings must be escaped using RFC 5849. If you do not escape characters in the header, you may receive an INVALID_LOGIN_ATTEMPT error. For more information about percent encoding, go to https://tools.ietf.org/html/rfc5849#section-3.6.

          Authorization:
   OAuth realm="12345", 
   oauth_consumer_key="4a3ff6c251a55057bb1e62d8dc8998a0366e88f3a8fe735265fc425368b0f154",
   oauth_token="52cfe88fecf2e2b74e833e7dfc4cae79ff44c3ca9f696d61e2a7eac6c8357c3c",
   oauth_nonce="qUwlmPvtGCS4sHJe8F7x",
   oauth_timestamp="1462453273",
   oauth_signature_method="HMAC-SHA256", oauth_version="1.0",
   oauth_signature="8PI9lIYxUmUONjxEFJUSMD9oOmc%3D" 

        

Related Topics

• Using TBA for RESTlet Authentication (OAuth)
• TBA Setup Requirements
• Step One Obtain An Unauthorized Request Token
• Tracking RESTlet Calls Made with TBA and OAuth 2.0

General Notices