MOR API hash construction

From Kolmisoft Wiki
Revision as of 15:39, 12 July 2013 by Aisteb (talk | contribs)
Jump to navigationJump to search

Description

In MOR API methods we use hash parameter for better security.



Generate hash

How to construct hash to authenticate data over API

  • Concatenate all values you want to send into a single string. You can order them the way you want, but NOTICE that order in request line should be as params are listed when hash was constructed .

For example. You want to get all answered calls of user 123 from 2009-09-09 00:03 till now. You must send user_id, period_start and calltype params.

>> time = "2009-09-09 00:03".to_time.to_i
=> "1252454580"
>> hash_string = "123" + time.to_s + "answered"  
=> "1231252454580answered"

  • Add API_Secret_Key to the end of hash_string

>> API_Secret_Key = "Very Sercet Key"
>> hash_string += API_Secret_Key
=> "1231252454580answeredVery Sercet Key"

  • Calculate SHA1 hash of hash_string

>> Digest::SHA1.hexdigest(hash_string) 
=> "b93c35d5c6183288322122561a3da7e09abb63b7"

  • Use this hash as a hash parameter in API calls.



NOTE that all allowed params are put down in documentation of MOR API methods

Examples

Example of User Update Api hash string:

581asdfghjkl

  • 581 - is user ID
  • asdfghjkl - is API key

Such string should be used to generate SHA1 hash.



Hash check

This functionality is only available for administrator. Go to SETTINGS -> Setup -> Generate hash. Let's assume that API secret key is set to MORMOR. Enter uri and click Generate:

Generatehash.png

As it is written by the information icon, parameters are shown in the same order as they were when generating hash.

See also