OAuth







OAuth Request







SignatureMethods

The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104]
where the Signature Base String is the text and the key is the concatenated values (each first
encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&'
character (ASCII code 38) even if empty.
- Chapter 9.2 ("HMAC-SHA1")


The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104]
where the Signature Base String is the text and the key is the concatenated values (each first
encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&'
character (ASCII code 38) even if empty.
- Chapter 9.2 ("HMAC-SHA1")


The PLAINTEXT method does not provide any security protection and SHOULD only be used
over a secure channel such as HTTPS. It does not use the Signature Base String.
- Chapter 9.4 ("PLAINTEXT")