To use API, you must authenticate your requests with HMAC. For HMAC authentication please use the SHA256 algorithm. You will need to generate an HMAC signature using HMAC shared secret API key and request payload by passing it in JSON.stringify() format.
The signature should be added to the request headers as follows:
Common Header Parameters:
To generate the HMAC signature, you should use API Signature key and JSON stringify request body payload that is described below:
How to generate signatures using Python
Python
import requests
import hmac
import hashlib
import json
secret_key = 'API Signature key'
data = {
"order": {
"id": "testOrder-001",
"currency": "PKR",
"order_amount": 20
},
"customer": {
"name": "John",
"email": "john@gmail.com",
"phone": "12345678990"
},
"metadata": {
"key": "value"
},
"description": "any description"
}
message = json.dumps(data, separators=(',', ':'))
signature = hmac.new(secret_key, message, hashlib.sha256).hexdigest()How to generate signatures using PHP
PHP
$payload = array(
"order" => array(
"id" => "testOrder-999",
"currency" => "PKR",
"order_amount" => 20,
),
"customer" => array(
"name" => "John",
"email" => "john@gmail.com",
"phone" => "12345678990",
),
"metadata" => array(
"key" => "value",
),
"description" => "any description",
);
$data = json_encode($payload);
$hmac_sc_api = 'API Signature key';
$hash = hash_hmac('sha256', $data, $hmac_sc_api);
echo $hash;
?>How to generate signature in Node
To add HMAC signature to a REST API request in Express you can follow these steps:
- Install the crypto-js package which provides the HMAC algorithm implementation for Node.js: npm install crypto-js
- Create a function that will be used to generate the HMAC signature for the request. This function should accept the HTTP method, request URL, request body, and the secret key as arguments.
JavaScript
const crypto = require('crypto');
const body = {
"order": {
"id": "testOrder-999",
"currency": "PKR",
"order_amount": 20
},
"customer": {
"name": "John",
"email": "john@gmail.com",
"phone": "12345678990"
},
"metadata": {
"key": "value"
},
"description": "any description"
}
const data = JSON.stringify(body);
const secretKey = 'API Signature key';
const signature = crypto.createHmac('SHA256', secretKey).update(data).digest('hex');
return signature;