...
To start, you'll need to build your input string. Your string-to-be-signed should always include the ? query parameter delimiter regardless of whether or not there are query string parameters.
GET requests
To start, you'll need to build up a string that includes the request method GET
, the host name (e.g.api.ticketevolution.com
), the path (e.g. /brokerages
), and an optional query string that must be sorted by key (e.g. ?page=1&per_page=1
).
...
GET api.ticketevolution.com/v9/categories?
POST, PUT, DELETE requests
In the case of POST
,PUT
and DELETE
requests when a request body is present, the request body should be used in the source string in lieu of the query string.
POST api.ticketevolution.com/v9/clients?{"clients":[{"name":"Elissa Weimann"}]}
Calculating the
...
signature
Once you've built up the input string as shown above, it should be hashed using HMAC-SHA256 using the secret obtained in the Brokerage management console in the Broker Exchange. In Ruby, this might look like thisHere are some examples:
Ruby
Code Block | ||||
---|---|---|---|---|
| ||||
require 'base64' require 'openssl' secret = "xyz" request = "GET api.ticketevolution.com/v9/brokerages?page=1&per_page=1" digest = OpenSSL::Digest::Digest.new('sha256') signature = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, request)).chomp puts signature # => "ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0=" |
PHP
Code Block | ||||
---|---|---|---|---|
| ||||
$secret = 'xyz';
$request = 'GET api.ticketevolution.com/v9/brokerages?page=1&per_page=1';
$signature = base64_encode(hash_hmac('sha256', $request, $secret, true));
echo $signature; // Outputs ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0=
|
Swift
Code Block | ||||
---|---|---|---|---|
| ||||
func digest(secret: String, request: String) -> String! {
let key = secret.cStringUsingEncoding(NSUTF8StringEncoding)
let data = request.cStringUsingEncoding(NSUTF8StringEncoding)
let result = UnsafeMutablePointer<CUnsignedChar>.alloc(Int(CC_SHA256_DIGEST_LENGTH))
CCHmac(CCHmacAlgorithm(kCCHmacAlgSHA256), key!, strlen(key!), data!, strlen(data!), result)
let HMAC = NSData(bytes: result, length:Int(CC_SHA256_DIGEST_LENGTH))
let signature = HMAC.base64EncodedStringWithOptions(NSDataBase64EncodingOptions.EncodingEndLineWithLineFeed)
result.destroy()
return signature
} |
This hashed string should then be passed in theX-Signature
header. If the secret werexyz
, this would look likeX-Signature: ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0=
. A curl request might look like this:
...