> ## Documentation Index > Fetch the complete documentation index at: https://cloudinary.com/documentation/llms.txt > Use this file to discover all available pages before exploring further. # Signatures Cloudinary uses digital signatures both to verify the integrity of a message and to provide authentication for communicating over the Internet using the HTTP protocol. Signatures can help ensure that the message was not tampered with during transit and provide an additional layer of security to ensure that even if the transport channel has been compromised, the contents can still be verified. Cloudinary's SDKs take care of the signature generation where needed for communication with Cloudinary, so you will only need to manually write the code for generating a signature when *NOT* using our SDKs or when you want to verify a signature that was sent from Cloudinary. The following table summarizes Cloudinary's signature usage and the payload signed in each case. {table:class=no-borders overview} Signature usage | Example use case | Payload to sign ---|---|--- [Generating authentication signatures](authentication_signatures) | Authenticating a POST request | A string with the parameters used in the POST request to Cloudinary:From your POST body, take every parameter **except** `file`, `cloud_name`, `resource_type`, and `api_key`, and **include** `timestamp`. That's the set of fields you turn into the serialized string before you append the secret.When you are **not** sending any optional upload parameters in the POST body, the only `name=value` pair in the serialized string is for **`timestamp`** (for example, `timestamp=1315060510`).When you **are** sending optional upload parameters in the POST body (for example, `public_id` or `eager`), build the serialized string from one `name=value` for each field in that set, **sort alphabetically by parameter name**, and join the pairs with `&`.Append your **API secret** to the serialized parameter string with no delimiter, then hash.**Note**: Separate multiple values for any array parameters with commas (e.g., public_ids=cat,dog,lion). [Verifying notification signatures](notification_signatures) | Verifying a signature in the header of a notification sent from Cloudinary | A string containing the entire response *body* with the *X-Cld-Timestamp* value appended on the end of the string. [Generating delivery URL signatures](delivery_url_signatures) | The signature component of a signed delivery URL of the format: `/s--SIGNATURE--/` | A string including all the components of the delivery URL that will come after the signature component. [Verifying signatures in the JSON response](response_signatures) | Verifying the signature parameter returned in the response to a method call. | A string with the `public_id` and `version` parameters, separated from their values with an `=` and then joined together with an `&`.