M4 API hash construction

From Kolmisoft Wiki
Revision as of 11:08, 28 November 2022 by Admin (talk | contribs) (→‎Description)
Jump to navigationJump to search

Description

In M4 API methods we use hash parameter for better security.



Generate hash

How to construct hash to authenticate data over API

  • Concatenate all values you want to send into a single string. During hash generation you can order params the way you want, order in request line can be different.

For example. You want to get all answered calls of user 123 from 2009-09-09 00:03 till now. You must send user_id, period_start and calltype params.

>> time = "2009-09-09 00:03".to_time.to_i
=> "1252454580"
>> hash_string = "123" + time.to_s + "answered"  
=> "1231252454580answered"

  • Add API_Secret_Key to the end of hash_string

>> API_Secret_Key = "Very Sercet Key"
>> hash_string += API_Secret_Key
=> "1231252454580answeredVery Sercet Key"

  • Calculate SHA1 hash of hash_string

>> Digest::SHA1.hexdigest(hash_string) 
=> "b93c35d5c6183288322122561a3da7e09abb63b7"

  • Use this hash as a hash parameter in API calls.



NOTE that all allowed params are put down in documentation of M2 MOR API methods


See also