I want to retrieve data from my DocumentDB database without a middleware, because I have to implement this into my Ionic App.

I followed this documentation from Microsoft, and even used the exact same code from this documentation (with Browserify).

In order to test the connection I use Postman, where I input all the required headers. For the master-key I used the primary-key from DocumentDB.

Problem is, that the response from the DocumentDB is always the following:

{
  "code": "Unauthorized",
  "message": "The input authorization token can't serve the request. Please check that the expected payload is built as per the protocol, and check the key being used. Server used the following payload to sign: 'post\ndbs\n\nthu, 29 sep 2016 10:46:49 gmt\n\n'\r\nActivityId: f7ce147d-6ff9-4e4f-aaff-39d3769cc399"
}

What am I doing wrong?

The JS looks like this:

var Buffer = require('buffer/').Buffer;
var crypto = require("crypto");
var headers = new Array();
headers['x-ms-date'] = "Thu, 29 Sep 2016 17:50:49 GMT";

function getAuthorizationTokenUsingMasterKey(verb, resourceType, resourceId, headers, masterKey) {
  var key = new Buffer(masterKey, "base64");

  var text = (verb || "").toLowerCase() + "\n" +
             (resourceType || "").toLowerCase() + "\n" +
             (resourceId || "") + "\n" +
             (headers["x-ms-date"] || "").toLowerCase() + "\n" +
             "" + "\n";

  var body = new Buffer(text, "utf8");
  var signature = crypto.createHmac("sha256", key).update(body).digest("base64");
  var MasterToken = "master";
  var TokenVersion = "1.0";

  return "type=" + MasterToken + "&ver=" + TokenVersion + "&sig=" + signature;
}
console.log(getAuthorizationTokenUsingMasterKey("POST", "docs", "test_collection_1", headers, "CJTR8odBZJklUUixWPZDRdTXqJrfLpfhTLk...wO2oPHgPyjuBkbhrjTlvKhRxsAAeig=="));

And my headers in Postman looks like that:

POST request to https://example-database.documents.azure.com/dbs

x-ms-documentdb-isquery: True
x-ms-date: Thu, 29 Sep 2016 17:50:49 GMT
authorization: type%3Dmaster%26ver%3D1.0%26sig%3D3240f1fa7a05...cf845c746bcbb5a1
x-ms-version: 2015-12-16
x-ms-query-enable-crosspartition: true
Accept: application/json
Content-Type: application/query+json

You might want to just grab and adapt the code from the Azure-provided node.js SDK for DocumentDB. This is the file you want: https://github.com/Azure/azure-documentdb-node/blob/master/source/lib/auth.js

You should confirm if your 'text' variable exactly matches the payload returned in the error after "Server used the following payload to sign:". It seems you're making a similar error to the guy here in the "resourceId" part of the payload: DocumentDB - DELETE causes 401 error. For example, it seems like in the example you've posted above, you're using just the document name rather than the full resource link. Take a look at my answer to that question - it should explain the correct method.

According your error message, your authorization signature didn't match the resource in DocumentDB you attempted to approach. To use PostMan to test the connection, you need to implement a correct Http request against the REST APIs of Document DB.

E.G.

You can try to list the DBs in DocumentDB via https://msdn.microsoft.com/en-us/library/azure/mt489065.aspx.

Generate the authorization header via:

console.log(getAuthorizationTokenUsingMasterKey("GET", "dbs", "", headers, "{your_key}"));

And in PostMan:

GET request to https://example-database.documents.azure.com/dbs
x-ms-date: Thu, 29 Sep 2016 17:50:49 GMT
authorization: type%3Dmaster%26ver%3D1.0%26sig%3D....
x-ms-version: 2015-08-06

About how to generate the authorization token against DocumentDB Rest APIs, you can refer to https://msdn.microsoft.com/library/azure/dn783368.aspx for details.