Signature parameter: Difference between revisions

Signature parameter

Many operations require a signature of the request, this signature is the SHA-1 hash of the arguments sorted by key, preceded by your private key. The private key to use depends on the component being called. If the component requires an authkey, then the private key to use is the one associated to that authkey. In other cases, you must use the private key associatef to your shared key.

For example, for the following request:

http://api.safecreative.org/v2/
?ztime=20081106141840
&sharedkey=fDsm8YO9SaupC5TChOsB6w
&component=authkey.create

You must get the key/value pairs (values should not be URL-encoded):

ztime = 20081106141840
sharedkey = fDsm8YO9SaupC5TChOsB6w
component = authkey.create

Sort this list by key:

component = authkey.create
sharedkey = fDsm8YO9SaupC5TChOsB6w
ztime = 20081106141840

Build a data stream with the private key (in this case, the one associated to your shared key) followed by the sorted pairs, all separated by ampersand (&):

{private_key}&component=authkey.create&sharedkey=fDsm8YO9SaupC5TChOsB6w&ztime=20081106141840

Calculate de SHA1 of the previous UTF-8 data stream:

SHA1(data)=4a285c1501646b41896a065add2311ffcde889ce

Finally, you must append the SHA1 to the request as the signature parameter:

http://api.safecreative.org/0.2
?ztime=20081106141840
&sharedkey=fDsm8YO9SaupC5TChOsB6w
&component=authkey.create
&signature=4a285c1501646b41896a065add2311ffcde889ce