M2 API hash construction

From Kolmisoft Wiki

Jump to: navigation, search

[edit] Description

In M2 MOR API methods we use hash parameter for better security.



[edit] Generate hash

How to construct hash to authenticate data over API

  • Concatenate all values you want to send into a single string. During hash generation you can order params the way you want, order in request line can be different.

For example. You want to get all answered calls of user 123 from 2009-09-09 00:03 till now. You must send user_id, period_start and calltype params.

>> time = "2009-09-09 00:03".to_time.to_i
=> "1252454580"
>> hash_string = "123" + time.to_s + "answered"  
=> "1231252454580answered"

  • Add API_Secret_Key to the end of hash_string

>> API_Secret_Key = "Very Sercet Key"
>> hash_string += API_Secret_Key
=> "1231252454580answeredVery Sercet Key"

  • Calculate SHA1 hash of hash_string

>> Digest::SHA1.hexdigest(hash_string) 
=> "b93c35d5c6183288322122561a3da7e09abb63b7"

  • Use this hash as a hash parameter in API calls.



NOTE that all allowed params are put down in documentation of M2 MOR API methods


[edit] See also

Personal tools

Try MOR

Try M2