"message": "Credential should be scoped to correct service." - AWS IoT

0 votes

I've been unable to access a simple AWS IOT REST service yet. 
This is what I did:- 
Downloaded the access key and secret key after creating an iam user in my AWS
Logged in to AWS IoT with the same and created a "thing"
Found the REST URL for the shadow in the thing's property 
provided the access key, secret key, region, and service name(iot) to Postman with new "aws signature" feature
Attempted to "GET" the endpoint and here is what I got:

{
      "message": "Credential should be scoped to correct service. ",
      "traceId": "be056198-d202-455f-ab85-805defd1260d"
}

Thinking that there was something wrong with postman, I tried to use the aws-sdk-sample example for connecting to S3 and changed it to connect to the IOT URL. The following is my code snippet:

String awsAccessKey = "fasfasfasdfsdafs";
String awsSecretKey = "asdfasdfasfasdfasdfasdf/asdfsdafsd/fsdafasdf";

URL  endpointUrl = null;
String regionName = "us-east-1";
try {
    endpointUrl = new URL("https://dasfsdfasdf.iot.us-east-1.amazonaws.com/things/SOMETHING/shadow");
}catch (Exception e){
    e.printStackTrace();
}
Map<String, String> headers = new HashMap<String, String>();
headers.put("x-amz-content-sha256", AWSSignerBase.EMPTY_BODY_SHA256);

AWSSignerForAuthorizationHeader signer = new AWSSignerForAuthorizationHeader(
        endpointUrl, "GET", "iot", regionName);
String authorization = signer.computeSignature(headers,
        null, // no query parameters
        AWSSignerBase.EMPTY_BODY_SHA256,
        awsAccessKey,
        awsSecretKey);

// place the computed signature into a formatted 'Authorization' header
// and call S3
headers.put("Authorization", authorization);
String response = HttpUtils.invokeHttpRequest(endpointUrl, "GET", headers, null);
System.out.println("--------- Response content ---------");
System.out.println(response);
System.out.println("------------------------------------");

Got the same error here:-

--------- Request headers ---------
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Authorization: AWS4-HMAC-SHA256 Credential=fasfasfasdfsdafs/20160212/us-east-1/iot/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=3b2194051a8dde8fe617219c78c2a79b77ec92338028e9e917a74e8307f4e914
x-amz-date: 20160212T182525Z
Host: dasfsdfasdf.iot.us-east-1.amazonaws.com
--------- Response content ---------
{"message":"Credential should be scoped to correct service. ","traceId":"cd3e0d96-82fa-4da5-a4e1-b736af6c5e34"}
------------------------------------

The AWS documentation isn't helping much, so is there anyone who can tell me if I'm doing something wrong? TIA

Oct 9, 2018 in IoT (Internet of Things) by Bharani
• 4,550 points
971 views

1 answer to this question.

0 votes

You should sign your request with iotdata instead of just iot and it'll solve the problem.

Like here:

AWSSignerForAuthorizationHeader signer = new AWSSignerForAuthorizationHeader(
    endpointUrl, "GET", "iotdata", regionName);
answered Oct 9, 2018 by DataKing99
• 8,130 points

Related Questions In IoT (Internet of Things)

0 votes
1 answer

Azure - What service to use for Arduino data (iot)

That's because the two services do completely ...READ MORE

answered Aug 1, 2018 in IoT (Internet of Things) by anonymous2
• 4,260 points
111 views
0 votes
1 answer

Send data from cloud to aws iot thing

Your solution is not recommend because there ...READ MORE

answered Aug 2, 2018 in IoT (Internet of Things) by anonymous2
• 4,260 points
118 views
0 votes
1 answer

Using FIWARE to start Cygnus as a Service in IoT Solution

Cygnus is supposed to create /var/run/cygnus/ when started. You ...READ MORE

answered Aug 13, 2018 in IoT (Internet of Things) by anonymous2
• 4,260 points
84 views
0 votes
1 answer

AWS IOT Button Wifi network name

You can read about the complete setup ...READ MORE

answered Oct 12, 2018 in IoT (Internet of Things) by Annie97
• 2,190 points
51 views
0 votes
1 answer

How to update shadow with Single AWS IOT rule

You need to use + instead of ...READ MORE

answered Oct 15, 2018 in AWS by Priyaj
• 56,920 points
348 views
0 votes
1 answer

How to use the data I receive from Azure IoT Hub?

The payload you receive will be a ...READ MORE

answered Aug 1, 2018 in IoT (Internet of Things) by DataKing99
• 8,130 points
644 views