Versions Compared

Old Version 14

changes.mady.by.user J Cobb

Saved on

compared with

New Version 15

changes.mady.by.user J Cobb

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To start, you'll need to build up a string that includes the request method GET, the host name (e.g.api.ticketevolution.com), the path (e.g. /brokerages), and an optional query string that must be sorted by key (e.g. ?page=1&per_page=1).

 

Info

Seriously, if you do not sort your query string alphabetically by key you will get a 401 error.

 

Here's what that full string should look like when you put it all together:

...

Once you've built up the input string as shown above, it should be hashed using HMAC-SHA256 using the secret obtained in the Brokerage management console in the Broker Exchange. Here Below are some examples and examples for some additional languages can ebe found at http://www.jokecamp.com/blog/examples-of-creating-base64-hashes-using-hmac-sha256-in-different-languages/:

 

Ruby

Code Block
languageruby
themeConfluencelanguageruby
require 'base64'
require 'openssl'

secret = "xyz"
request = "GET api.ticketevolution.com/v9/brokerages?page=1&per_page=1"

digest = OpenSSL::Digest::Digest.new('sha256')
signature = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, request)).chomp

puts signature # => "ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0="

PHP

Code Block
languagephp
themeConfluence
languagephp
$secret = 'xyz';
$request = 'GET api.ticketevolution.com/v9/brokerages?page=1&per_page=1';
$signature = base64_encode(hash_hmac('sha256', $request, $secret, true));
echo $signature; // Outputs ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0=

Swift

Code Block
languagecpp
themeConfluence
languagecpp
func digest(secret: String, request: String) -> String! {
    let key = secret.cStringUsingEncoding(NSUTF8StringEncoding)
    let data = request.cStringUsingEncoding(NSUTF8StringEncoding)
    let result = UnsafeMutablePointer<CUnsignedChar>.alloc(Int(CC_SHA256_DIGEST_LENGTH))
    CCHmac(CCHmacAlgorithm(kCCHmacAlgSHA256), key!, strlen(key!), data!, strlen(data!), result)
    let HMAC = NSData(bytes: result, length:Int(CC_SHA256_DIGEST_LENGTH))
    let signature = HMAC.base64EncodedStringWithOptions(NSDataBase64EncodingOptions.EncodingEndLineWithLineFeed)
    result.destroy()
    return signature
}

...

This hashed string should then be passed in the X-Signature header. If the secret were xyz, this would look like X-Signature: ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0=. A curl request might look like this:
Code Block
languagebash
themeConfluencelanguagebash
curl -i \
  -H Accept: application/json \
  -H X-Signature: ohGcFIHF3vg75A8Kpg42LNxuQpQZJsTBKv8xnZASzu0= \
  -H X-Token: abc \
  -X GET
  'http://api.ticketevolution.com/v9/brokerages?page=1&per_page=1'

...