Signature Mismatch
URI: https://docs.ankatech.co/errors/signature-mismatch
HTTP Status: 400 Bad Request
When you see this
An audit record's tamper-evidence signature did not verify. The stored or supplied HMAC signature does not match the canonical content, indicating the record may have been altered.
Common Causes
- A supplied signature that does not match the audit event content.
- An audit record whose canonical fields were modified after signing.
- A verification request against content that does not correspond to the signature.
Response Example
{
"type": "https://docs.ankatech.co/errors/signature-mismatch",
"title": "Signature Mismatch",
"status": 400,
"detail": "The audit record signature did not verify against its canonical content.",
"instance": "/api/v3/audit/tenant/crypto/verify",
"correlationId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": 1730000000
}
Content-Type: application/problem+json — the response follows RFC 7807 Problem Details.
How to Resolve
- Confirm you are verifying the exact, unmodified audit record content.
- Re-fetch the audit record and re-run verification against the canonical fields.
- If a genuine mismatch persists, treat the record as suspect and contact support with the
correlationId.
For full schema definitions, examples, and interactive testing, see the Developer Hub Reference.