Why is base64 encoding an API authorization key?

Question

Why is base64 encoding an API authorization key?

We are currently developing web api and are in the process of implementing authorization. We followed the (mostly) implementation of the Amazons , but there is one part that I really don't quite understand.

Namely, what is the base64 point encoding the resulting hmac? The difference in length is negligible, at least for most sites. An Amazon would probably notice the difference. This is the only reason? Could this have anything to do with ascii / unicode?

+7

security api authorization amazon-web-services

Josh Smeaton Apr 20 '12 at 11:42

source share

1 answer

Michael J. Gray · Accepted Answer · 2012-04-20T11:47:34+0000

Hash algorithms and HMAC do not provide hexadecimal string outputs, which many tend to believe; they both output binary data. Base64 gives you the ability to easily and portablely represent binary data as a string.

As much as possible, this is most likely just for the convenience and use of standard coding between many different pieces of their software. This is nothing special, except that it is a widely used encoding.

Why is base64 encoding an API authorization key?

More articles: