{ "code": 40103, "message": "Invalid signature in request credentials", "stat": "FAIL" }

I can do GET command successful via postman, in below resultset . but when try POST with everything same and adding parameters to body as username with x-www-form-urlencoded type. It shows below error.
“code”: 40103,
“message”: “Invalid signature in request credentials”,
“stat”: “FAIL”

what can cause it in Postman for POST request

Hi, I think the answers you need are in the past discussion thread here, specifically see the reply on building the signature using the pre-request script feature in postman.

Also, are you url encoding the params in the request? There is a third-party Postman public workspace that some people are using that doesn’t encode the key-value pairs.

1 Like

Do you mean encode the Secret and Integration Key?

No, I mean the parameters you are trying to pass in on the POST.

From the Admin API doc:

When URL-encoding, all bytes except ASCII letters, digits, underscore ("_"), period ("."), tilde ("~"), and hyphen ("-") are replaced by a percent sign ("%") followed by two hexadecimal digits containing the value of the byte. For example, a space is replaced with “%20” and an at-sign ("@") becomes “%40”.

Like, username=testuser1@example.com should be URL encoded as username=testuser1%40example.com.

If using Postman, is the Postman pre-request script used handling URL-encoding of the parameters (is there a function to URL-encode the params)?

Thanks so much for responding! I really appreciate it!
I still can get past the sign-in. For the DUO, I have to use my phone to get in to the program as an admin when I log in. Do you think that might be the issue on my side with the API? I am really new to Java and I am learning it on the go. I am using Basic Auth to log in and I thought I followed the instruction on doing a HMAC on the five items in the documentation with the secret key to get the password.

I suggest you take a look at the duo_client_java demonstration client, which also shows signing.

Thanks! Really appreciate the help.