Exception Received error [{ "message" : "Invalid signature for signature method HMAC-SHA1", "error" : "The request has not been applied because it lacks valid authentication credentials for the target resource." } ]

I'm working Garmin Health API Integration. Regarding "Acquire Unauthorized Request Token and Token Secret" API integration, I have followed Signature Base String scenario mentioned on "Garmin Connect OAuth Specification" documment.

I'm facing issue related "Acquire Unauthorized Request Token and Token Secret" response. I got response as "Invalid signature for signature method HMAC-SHA1".

Below is my Authorization header:

{Connection: keep-alive, Content-Type: text/plain, Host: connectapi.garmin.com, Accept: */*, Authorization: OAuth oauth_consumer_key=<consumer_key>, oauth_nonce="wyjoejizhpw", oauth_signature=<signature>, oauth_signature_method="HMAC-SHA1", oauth_timestamp="1612243810", oauth_version="1.0"}

Can you provide me solution, What is the issue while passing Authorization header values. So i will get "oauth_token" & "oauth_token_secret" values in success response.

I am getting a 401 while hitting 

I've managed to get this working after quite a bit of trial and error and actually going into researching HMAC-SHA1 and what it does.

Most likely what's going on is that you are not correctly hashing the URL with the appropriate tokens. That was my issue anyway. Since there are 2 URLs (request and access), you will need to write up code that handles both of them, as separate URLs requiring separate tokens.

I have a working solution for this on Gumroad for anyone interested. Cheers!

In my case I was getting this message but the problem was not authentication. I added  'Content-Type': 'application/json' to the headers and escaped the json payload of the request body, and it worked.