diff --git a/lib/valence.js b/lib/valence.js
index 14c3eac..546e349 100755
--- a/lib/valence.js
+++ b/lib/valence.js
@@ -350,9 +350,13 @@ D2L.UserContext =
 */
 D2L.UserContext.prototype.createAuthenticatedUrl = function (path, method) {
+ function stripQuery(url) {
+ return url.split('?')[0];
+ }
+
 var params = {},
 timestamp = this.skew + D2L.Util.getTimestamp(),
- signatureData = method.toUpperCase() + '&' + decodeURI(path).toLowerCase() + '&' + timestamp;
+ signatureData = method.toUpperCase() + '&' + stripQuery(decodeURI(path).toLowerCase()) + '&' + timestamp;
 params[D2L.Auth.TIMESTAMP_PARAM] = timestamp;
 params[D2L.Auth.APP_ID_PARAM] = this.appId;
diff --git a/spec/createAuthenticatedUrl_spec.js b/spec/createAuthenticatedUrl_spec.js
new file mode 100644
index 0000000..3300b4d
--- /dev/null
+++ b/spec/createAuthenticatedUrl_spec.js
@@ -0,0 +1,28 @@
+'use strict';
+
+var expect = require('chai').expect,
+ url = require('url');
+
+var D2L = require('../');
+
+describe('D2L.UserContext.createAuthenticatedUrl', function () {
+ var appContext;
+ var userContext;
+
+ before(function (done) {
+ appContext = new D2L.ApplicationContext('foo', 'bar');
+ userContext = appContext.createUserContextWithValues('http://somelms.edu', 80, 'baz', 'quux', 0);
+ done();
+ });
+
+ it('should not include query params in signature', function (done) {
+ var urlWith = url.parse(userContext.createAuthenticatedUrl('/d2l/api/foo?bar=baz', 'GET'), true);
+ var urlWithout = url.parse(userContext.createAuthenticatedUrl('/d2l/api/foo', 'GET'), true);
+
+ expect(urlWith.query['x_c']).to.equal(urlWithout.query['x_c']);
+ expect(urlWith.query['x_d']).to.equal(urlWithout.query['x_d']);
+
+ done();
+ });
+});
+
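Review bot: `stripQuery` is added without a comment explaining why the query string is left out of `signatureData`, and the consequence matters to callers: the signature now covers only the method, the lower-cased path and the timestamp, so query parameters in `path` are not integrity-protected by it. I would add above the helper `// Signature base string is METHOD&path&timestamp; the query string is excluded on purpose, so query parameters are not covered by the signature.` A `#fragment` in `path` is still signed as part of the path, which looks unintended; `return url.split(/[?#]/)[0];` would drop both. The rest of createAuthenticatedUrl lies outside the hunk, so how the auth parameters are appended to a `path` that already carries a `?` cannot be checked from here.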
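Review bot: The equality assertions on `x_c` and `x_d` rely on both `createAuthenticatedUrl` calls seeing the same `D2L.Util.getTimestamp()` value, so the spec can fail intermittently when the two calls straddle a timestamp tick. Pinning the timestamp for the duration of the test (for example by temporarily replacing `D2L.Util.getTimestamp`, assuming it is reachable from the exported `D2L`) would make it deterministic. The comparison also passes if both values are `undefined`, and nothing checks that the caller's query survives in the returned URL. If the query is meant to be preserved, adding `expect(urlWith.query['x_c']).to.be.a('string');` and `expect(urlWith.query.bar).to.equal('baz');` would pin both.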