Getting Missing x-amz-content-sha256 when trying to upload an image

🆘 Support
1

Describe the issue:

Using Postman, I am trying to upload an image. I get to step 2 and receiving the following error after executing a PUT on the URL from step 1:

<?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>InvalidRequest</Code>
    <Message>Missing x-amz-content-sha256</Message>
</Error>

I get this URL from step 1:

"data": {
        "id": "/160331/1745820728-419.png",
        "type": "upload_request",
        "attributes": {
            "url": "https://datocms-assets.6c36efb897e5eae1d2a887cfa632eea9.eu.r2.cloudflarestorage.com/160331/1745820728-419.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=redacted%2F20250428%2Fauto%2Fs3%2Faws4_request&X-Amz-Date=20250428T061208Z&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=redacted",
            "request_headers": {}
        }
    }

Do I need to do anything different here?

(Moderator note: Fixed code formatting)

2

Hi @michael.morse,

Welcome to the Dato forum! Sorry about this inconvenience… this was probably caused by some recent infrastructure changes on our side.

Fortunately, the fix is simple: please remove the Authorization header from your HTTP call. If it’s getting inherited from a folder-level or collection-level Auth header, you can either disable that inheritance and/or just explicitly override it with a blank one, like:

Bruno - 2025-04-28 10-50-10 AM
Bruno - 2025-04-28 10-50-10 AM1308×504 26.1 KB

(That’s from Bruno, so the UI is a little different from Postman, but same idea).

Sorry about that! I’ll ask the devs if we can automatically ignore that header. (Having an Authorization header present is what causes the x-amz-content-sha256 error). I’ll also update our API docs to point this out.

4

Thank you :slight_smile: That worked :slight_smile:

1 Like