Search
K

Using Signature (Recommended)

If you use one of the supplied SDKs, there is no reason to use the code in the following section as the signature can be generated by calling the generate_signature function. The generated signature has to be passed as a string in your request.

Overview

To communicate with our system we require a signature on each request to ensure that both parties are who they say they are. To calculate your signature, you will need your partner ID and API Key for Signature, both of which are available on the portal.

API Key for Signature

You can find and generate your an API key here. The key is unique to each environment, so you will need a different key for the sandbox and production environments. You can rotate your API key any time, however your previous key will be immediately disabled.

Partner ID

You will need to know your partner ID, to create the signature. Your partner ID can be viewed when logged into the portal. To calculate your signature you will need to input your partner ID as a string, as explained below
Your partner ID: 085
String Value of your partner ID: "085"

Generating the signature

Follow the steps below to generate your signature
  1. 1.
    Create a timestamp in an ISO date format
  2. 2.
    Create a new hmac-sha256 hash function using Signature API Key.
  3. 3.
    Update the function message with timestamp created in 1, your partner Id, and "sid_request" string
  4. 4.
    Base64 encode the encrypted hash
Example code for creating the signature
Ruby
Node.js
Python
PHP
Java
C#
require 'openssl'
require 'time'
require 'base64'
timestamp = Time.now.to_s
api_key = '<Your Signature API Key>'
partner_id = '<Your partner id>'
hmac = OpenSSL::HMAC.new(api_key, 'sha256')
hmac.update(timestamp) hmac.update(partner_id)
hmac.update("sid_request")
signature = Base64.strict_encode64(hmac.digest())
let crypto = require('crypto');
let timestamp = new Date().toISOString();
let api_key = "<Your Signature API Key>";
let partner_id = "<Your partner id>";
let hmac = crypto.createHmac('sha256', api_key);
hmac.update(timestamp, 'utf8');
hmac.update(partner_id, 'utf8');
hmac.update("sid_request", 'utf8');
let signature = hmac.digest().toString('base64');
import base64
import hashlib
import hmac
from datetime import datetime
timestamp = datetime.now().isoformat()
partner_id = "<Your partner id>"
api_key = "<Your Signature API Key>"
hmac_new = hmac.new(api_key.encode("utf-8"), digestmod=hashlib.sha256)
hmac_new.update(timestamp.encode("utf-8"))
hmac_new.update(str(partner_id).encode("utf-8"))
hmac_new.update("sid_request".encode("utf-8"))
calculated_signature = base64.b64encode(hmac_new.digest()).decode("utf-8")
$api_key = "<Your Signature API Key>";
$partner_id = "<Your partner id>";
$timestamp = time();
$message = $timestamp.$partner_id."sid_request";
$signature = base64_encode(hash_hmac('sha256', $message, $api_key, true));
String apiKey = "<Your Signature API Key>";
String partnerId = "<Your partner id>";
Long timestamp = System.currentTimeMillis();
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(apiKey.getBytes(), "HmacSHA256"));
mac.update(new SimpleDateFormat(DATE_TIME_FORMAT).format(timestamp).getBytes(StandardCharsets.UTF_8));
mac.update(partnerId.getBytes(StandardCharsets.UTF_8));
mac.update("sid_request".getBytes(StandardCharsets.UTF_8));
String signature = Base64.getEncoder().encodeToString(mac.doFinal());
using System;
using System.Security.Cryptography;
using System.Text;
namespace csharp_sample
{
class Program
{
static void Main(string[] args)
{
string timeStamp = DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss.fffK", System.Globalization.CultureInfo.InvariantCulture);
string apiKey = "513205c6-c420-44e5-ab85-370986dc3f19";
string partnerID = "1622";
string data = timeStamp + partnerID + "sid_request";
UTF8Encoding utf8 = new UTF8Encoding();
Byte[] key = utf8.GetBytes(apiKey);
Byte[] message = utf8.GetBytes(data);
HMACSHA256 hash = new HMACSHA256(key);
var signature = hash.ComputeHash(message);
Console.WriteLine("Signature: " + Convert.ToBase64String(signature));
Console.WriteLine("TimeStamp: " + timeStamp);
}
}
}
Reminder: You must pass the signature as a string in your request