Versions Compared

Old Version 13

changes.mady.by.user J Cobb

Saved on

compared with

New Version 14

changes.mady.by.user J Cobb

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added more code examples

...

To start, you'll need to build your input string. Your string-to-be-signed should always include the ? query parameter delimiter regardless of whether or not there are query string parameters.

GET requests

To start, you'll need to build up a string that includes the request method GET, the host name (e.g.api.ticketevolution.com), the path (e.g. /brokerages), and an optional query string that must be sorted by key (e.g. ?page=1&per_page=1).

...

GET api.ticketevolution.com/v9/categories?

POST, PUT, DELETE requests

In the case of POST,PUT and DELETE requests when a request body is present, the request body should be used in the source string in lieu of the query string.

POST api.ticketevolution.com/v9/clients?{"clients":[{"name":"Elissa Weimann"}]}

Calculating the

...

signature

Use our X-Signature Generator to check if the signatures you're making are correct, and generate cURL requests right in the browser.

Once you've built up the input string as shown above, it should be hashed using HMAC-SHA256 using the secret obtained in the Brokerage management console in the Broker Exchange. In Ruby, this might look like thisHere are some examples:

 

Ruby

Code Block
themeConfluence
languageruby
require 'base64'
require 'openssl'

secret = "xyz"
request = "GET api.ticketevolution.com/v9/brokerages?page=1&per_page=1"

digest = OpenSSL::Digest::Digest.new('sha256')
signature = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, request)).chomp

puts signature # => "ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0="

PHP

Code Block
themeConfluence
languagephp
$secret = 'xyz';
$request = 'GET api.ticketevolution.com/v9/brokerages?page=1&per_page=1';
$signature = base64_encode(hash_hmac('sha256', $request, $secret, true));
echo $signature; // Outputs ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0=

Swift

Code Block
themeConfluence
languagecpp
func digest(secret: String, request: String) -> String! {
    let key = secret.cStringUsingEncoding(NSUTF8StringEncoding)
    let data = request.cStringUsingEncoding(NSUTF8StringEncoding)
    let result = UnsafeMutablePointer<CUnsignedChar>.alloc(Int(CC_SHA256_DIGEST_LENGTH))
    CCHmac(CCHmacAlgorithm(kCCHmacAlgSHA256), key!, strlen(key!), data!, strlen(data!), result)
    let HMAC = NSData(bytes: result, length:Int(CC_SHA256_DIGEST_LENGTH))
    let signature = HMAC.base64EncodedStringWithOptions(NSDataBase64EncodingOptions.EncodingEndLineWithLineFeed)
    result.destroy()
    return signature
}


This hashed string should then be passed in the X-Signature header. If the secret were xyz, this would look like X-Signature: ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0=. A curl request might look like this:

...