Authentication

This section is intended to describe authentication way to interact with SwiftFederation APIs.

1. Authorization Header and Format

  • Authorization Header Definition
Field Description
signatureAlgorithm Signature Algorithm. E.g. HMAC-SHA256
accessKeyId Access key id that is assigned to customer to call APIs.
signature Signature is the string which is signed based on request headers, request path, request method, access key ID and request body with access key secret. Please refer to “Signature Algorithm”.
Note: Conversant will send access credential for access key ID and access key secret to customer/partners who is going to call the APIs currently.
  • Authorization Header Format
Authorization:${signatureAlgorithm} ${accessKeyId}:${signature}


2. Signature Algorithm

  • Populate signing string
${HTTPMethod}+"\n"+${URI}+"\n"+${x-sfd-date}+"\n"+${x-sfd-nonce}+"\n"+${accessKeyId}+ "\n"+${requestBody} 

e.g. 

POST\n/v1.0/report/bandwidth\n20180330T200550Z\n90355\ncdn123456\n{"domains":["www.example1.com","www.example2.com"],"startTime":"2018-03-29T17:35:00Z","startTime":"2018-03-29T 17:45:00Z"}
Note1: Request method should be converted to uppercase, e.g. POST
Note2: "\n" means 0x0A, LR.


  • Generate Signature

Calculate signature of signing string by using HMAC-SHA256 algorithm with access key secret. And then use hex to encode signature to string.

byte[] signatureBytes = hmacSha256(${accessKeySecret}, ${signingString}); 

String signature = Hex.encodeHex(signatureBytes);
© 2019 Conversant Solutions Pte Ltd. All rights reserved.            Updated 2019-04-01 15:55:54

results matching ""

    No results matching ""