Authentication
Request made to the server require authentication. To do so you will need an access_key and secret_key. Those are made available after signing up for a premium subscription.
The request message should also contain a timestamp representing the current time (ISO 8601) and the HMAC signature. With the HMAC signature we will be able to authenticate your request and verify the data integrity. To build the signature you need to:
- Use the request message parameters and its values to produce a url_query_string representation needed to generate the HMAC signature. The parameters must be ordered by the key string and the key-value pairs should be url encoded (Care for special characters such as ~ / & = + <space>. Some need to be escaped or replaced). You should be looking for something like this:
access_key=FFFFFF&status=success×tamp=2011-01-01T00%3A00%3A00%2B01%3A00
- To produce the hmac_signature_data concatenate (semicolons ; between each of the following) the HTTP request method (e.g., POST, GET), API hostname i.e. api.jscrambler.com, the resource path e.g. /code.json and the url_query_string generated from the message parameters. You should be looking for something like this:
GET;api.jscrambler.com;/code;access_key=FFFFFF&status=success&...
- To generate_hmac_signature use the previously created hmac_signature_data and your secret_key as input of the SHA256 HMAC hash function.
- Finally, encode the HMAC digest with base 64 and you have the signature parameter to add to your request message.
Complement the reading by checking the API client examples.
|
|
