Skip to content

Signature Mismatch

URI: https://docs.ankatech.co/errors/signature-mismatch
HTTP Status: 400 Bad Request

When you see this

An audit record's tamper-evidence signature did not verify. The stored or supplied HMAC signature does not match the canonical content, indicating the record may have been altered.

Common Causes

  • A supplied signature that does not match the audit event content.
  • An audit record whose canonical fields were modified after signing.
  • A verification request against content that does not correspond to the signature.

Response Example

{
  "type": "https://docs.ankatech.co/errors/signature-mismatch",
  "title": "Signature Mismatch",
  "status": 400,
  "detail": "The audit record signature did not verify against its canonical content.",
  "instance": "/api/v3/audit/tenant/crypto/verify",
  "correlationId": "550e8400-e29b-41d4-a716-446655440000",
  "timestamp": 1730000000
}

Content-Type: application/problem+json — the response follows RFC 7807 Problem Details.

How to Resolve

  1. Confirm you are verifying the exact, unmodified audit record content.
  2. Re-fetch the audit record and re-run verification against the canonical fields.
  3. If a genuine mismatch persists, treat the record as suspect and contact support with the correlationId.

For full schema definitions, examples, and interactive testing, see the Developer Hub Reference.