Advent of Code is back! Unwrap daily challenges to sharpen your Alteryx skills and earn badges along the way! Learn more now.

Alteryx Designer Desktop Discussions

Find answers, ask questions, and share expertise about Alteryx Designer Desktop and Intelligence Suite.
SOLVED

API Connections to Whale Wisdom - Encrypting using HMAC-SHA1 and the HMAC Macro

attardc1
7 - Meteor

Hi Community,

 
I am trying to connect to the API of the financial / 13f service, Whale Wisdom, of which I have a paid subscription. The link below explains their API requirements:


The API Call must be formatted as seen below:

I am using the HMAC Macro (https://gallery.alteryx.com/#!app/HMAC-Encrypt--Installer-/576326f1aa690a05284b2e7b) to generate the [api_sig] portion of the call as defined below (I cannot post a workflow with our shared & secret keys):

  • [api_sig] is a signature of the args parameter created using your secret access key. The api_sig is constructed using the HMAC-SHA1 algorithm. You take the HMAC-SHA1 digest of the [args] parameter and then encode the results in base64. The process is similar to how OAuth signs requests except with our API we are using the args and timestamp query parameters (before they are URL encoded). When creating the signature, combine the args and timestamp with an ASCII newline ("\n") character.  
  • For Ruby the process would look like this:
    • require 'digest/sha1'
      t=Time.now
      digest = OpenSSL::Digest::Digest.new( 'sha1' )
      hmac = OpenSSL::HMAC.digest( digest, secret_access_key, args+"\n"+t.utc.strftime('%Y-%m-%dT%H:%M:%SZ') )
      sig=Base64.encode64( hmac ).chomp.gsub(/\n/, '')

 

I've confirmed with the service that the input into the HMAC should be as below:

  • {\"command\":\"holdings\",\"filer_ids\":[349,2182]}\n2018-3-29T11:04:17Z

But when I concatenate the generated [api_sig] back into the URL to create the GET Request, I am getting a "signature mismatch" error from the download tool.

Please let me know if you have experience with this situation! Thanks in advance for your time!

 

Regards,

Chris

2 REPLIES 2
patrick_digan
17 - Castor
17 - Castor

@attardc1 See if the attached works when you put your key and secret in the text input. I got past the signature invalid error on my end.

 


@attardc1wrote:

 

I've confirmed with the service that the input into the HMAC should be as below:

  • {\"command\":\"holdings\",\"filer_ids\":[349,2182]}\n2018-3-29T11:04:17Z

 


I think you need to 1) delete the \ that precede your " and replace the \n with a true newline character. In alteryx that looks like this (where args is coming from a text input and the timestamp is calculated:

Capture.PNG

 

I am now receiving an error, but I assume it's due to me setting up a free account and not limiting the data. I assume it will work fine for you if you use your key and secret in the workflow.

Capture.PNG

 

Hope that helps!

attardc1
7 - Meteor

@ Thank you so much for your help!

 

That worked perfectly!

Labels