Does anyone else get fairly frequent 401 Unauthorized errors when using the REST API? Most of the time I retry immediately and the call succeeds. When that happens the audit log shows

InvalidSignature

but I'm not sure how my code could create valid signatures sometimes and fail other times. Doesn't seem like it should be so hit or miss.

if its postman, you probably arent encoding the parameters in the authorization header

This is in my C# utility. It seems like if I were missing a step (like encoding) it would fail every time, not intermittently. That's the weird part to me.

you will only fail encoding when your signature includes a character that needs to be encoded, like a plus, equal or slash

I'm escaping the parameters going into the signature but didn't think about escaping the generated signature value. That makes sense though and seems to do the trick. And thanks for the tip on the library. I've worked with the SOAP API for so long and had to generate my own code for all of it. This is my first project using the REST interface so I used my SOAP setup as a starting point. RestSharp is probably a better option. Thanks for the recommendation.