MOR API hash construction
Description
In MOR API methods we use hash parameter for better security.
Generate hash
How to construct hash to authenticate data over API
- Concatenate all values you want to send into a single string. You can order them the way you want, but NOTICE that order in request line should be as params are listed when hash was constructed .
For example. You want to get all answered calls of user 123 from 2009-09-09 00:03 till now. You must send user_id, period_start and calltype params.
>> time = "2009-09-09 00:03".to_time.to_i
=> "1252454580"
>> hash_string = "123" + time.to_s + "answered"
=> "1231252454580answered"
- Add API_Secret_Key to the end of hash_string
>> API_Secret_Key = "Very Sercet Key"
>> hash_string += API_Secret_Key
=> "1231252454580answeredVery Sercet Key"
- Calculate SHA1 hash of hash_string
>> Digest::SHA1.hexdigest(hash_string)
=> "b93c35d5c6183288322122561a3da7e09abb63b7"
- Use this hash as a hash parameter in API calls.
NOTE that all allowed params are put down in documentation of MOR API methods
Examples
Example of User Update Api hash string:
581asdfghjkl
- 581 - is user ID
- asdfghjkl - is API key
Such string should be used to generate SHA1 hash.
Hash check
This functionality is only available for administrator. Go to SETTINGS -> Setup -> Generate hash. Let's assume that API secret key is set to MORMOR. Enter uri and click Generate:
As it is written by the information icon, parameters are shown in the same order as they were when generating hash.