As Steffen notes, the API is much easier to use than direct REST calls (especially the reasonably new command line interface - which is much lighter and possibly easier to use as a result of JSON integration than the original command line tools for by-products)
... but if you decide:
It is a bit like documentation, but the following links seem to lead us to the answer:
1) a high-level description of "AUTHPARAMS" (as is often mentioned in the API documentation).
Authparams
Parameters required for authentication Conditional request. Contains:
AWSAccessKeyID
SignatureVersion
Mark
Signature
Default: None
Requires: Conditional
2) a step by step parameters needed for a REST request:
3) a detailed outline of the method for obtaining a "signature for" AUTHPARAMS "
This is an example in the documentation (I added new lines to make reading easier)
https://elasticmapreduce.amazonaws.com? AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE& Action=DescribeJobFlows& SignatureMethod=HmacSHA256& SignatureVersion=2& Timestamp=2011-10-03T15%3A19%3A30& Version=2009-03-31& Signature=i91nKc4PWAt0JJIdXwz9HxZCJDdiy6cf%2FMj6vPxyYIs%3D
4) In addition, there is some general information about signatures