Apstrata documentation
Child pages
  • Simple Signature Type
Skip to end of metadata
Go to start of metadata

The Simple Signature Type

In order to use the simple signature, requests should specify the authentication mode by setting the value of the parameter “apsws.authMode” to “simple”. Each request must also specify the action name and the timestamp (i.e., apsws.time). A URL example would be:

URL
http://sandbox.apstrata.com/apsdb/rest/ [authenticationkey]/CreateStore?apsws.time=1234567890&apsws.authMode=simple

First, construct the text to hash by doing:

Value to Hash
ValueToHash = [timestampValue][Authentication Key value][action name][secret]
Example
secret = qwerty
apsws.authKey = asdfg
apsws.time = 1234567890
action = CreateStore
valueToHash= 1234567890asdfgCreateStoreqwerty

The values are appended without a separator.

The signature is then created by generating the Md5 hash of this text and using Hexadecimal characters:

Example
apsws.authSig = Md5hashFunction(valueToHash)

Keep in mind that simple signature is secure only when used over a secure connection. It is highly recommended to use SSL connection when using a simple signature to avoid data interception and replay attacks. If you don’t want to use SSL connection, it is advisable to use the default signature.



  • No labels