Secure URLs

Secure URLs

Secure URLs prevent others from generating LibPixel image URLs on your behalf, which would count toward your usage limits.

Secure URLs contain an additional signature parameter at the end of the query string. Signatures are generated using your private Auth Secret.

By default, signatures are only required when using the src parameter. To enforce signatures for all requests, visit the Settings page and enable Require Authenticated Requests.

Generating Signatures

The easiest way to generate Secure URLs is by using a LibPixel Client Library. However, if one doesn't exist for the programming language you're using, you can generate the signatures yourself.

Steps for generating a signature:

  1. Generate an image URL as normal.

  2. Extract the path and query string from the URL. This is the data you'll be signing. The path must begin with a /, and must at least contain 1 character.

  3. Generate an HMAC-SHA1 in hexadecimal format using your Auth Secret. This is your signature value.

  4. Append a query string parameter signature with the signature value to the end of the original query string.

Last updated

Was this helpful?