Help with authorization for WC1 API

agupta2
agupta2 Newcomer
edited October 1 in World-Check One

I refer the authorization Document and in document mention below
Given the above signing text, if a secret key of “1234” is used, the computed HMAC-SHA256 value would be 

224B73FC07571E60E8B8D9BAB8107C656D3171F346B96183C665FD4C5330B85D

 when printed using hex encoding, or 

Iktz/AdXHmDouNm6uBB8ZW0xcfNGuWGDxmX9TFMwuF0=

 when printed using base64 encoding.

Can anyone please guide me in the correct way on how to generate the authorization?

I am aware that the signature should be generated using HMAC but the official documentation is not entirely clear on what data to use as input

Tagged:

Answers

  • Hi @agupta2,

    Thank you for your query. To clarify, the base64-encoded value is what gets included in the Authorization header.

    The string used for signing (prior to hashing), is constructed using the following components, formatted according to the HTTP Signature specification:

    • The HTTP request line
    • The following HTTP headers:
      • Content-Length (if the request includes a payload)
      • Content-Type (if the request includes a payload)
      • Date
      • Host
    • The complete HTTP request payload (if present)

    Please refer to the documentation for details on Authentication and Authorization. A library with sample code is also available to help with HMAC authentication.
    Let us know if you need any further support.

    Thanks,
    Ram.