@Sruhl,
Thanks for your response. I am trying to create an API Call in this format:
I am using the HMAC Macro you linked to in this thread to help with [api_sig] portion of the call as defined below (this is a paid service so we cannot post a workflow with our shared & secret keys):
- [api_sig] is a signature of the args parameter created using your secret access key. The api_sig is constructed using the HMAC-SHA1 algorithm. You take the HMAC-SHA1 digest of the [args] parameter and then encode the results in base64. The process is similar to how OAuth signs requests except with our API we are using the args and timestamp query parameters (before they are URL encoded). When creating the signature, combine the args and timestamp with an ASCII newline ("\n") character.
- For Ruby the process would look like this:
- require 'digest/sha1'
t=Time.now
digest = OpenSSL::Digest::Digest.new( 'sha1' )
hmac = OpenSSL::HMAC.digest( digest, secret_access_key, args+"\n"+t.utc.strftime('%Y-%m-%dT%H:%M:%SZ') )
sig=Base64.encode64( hmac ).chomp.gsub(/\n/, '')
We are trying to use the HMAC tool to encrypt the [api_sig], but we are not sure what the input string should be. We've tried as a URL, JSON, and a delimited timestamp, but all of these options have resulted in "signature mismatch" when using a Download Tool to get the data.
Thanks again for your time!
