To make use of our API you should contact us via email (firstname.lastname@example.org) and describe how and why you want to use it. We will contact you then and provide you an API Key and API Secret which is neccessary to access the API.
Our API Signing mechanism is based on a PHP package called signature-php which is a PHP 5.4+ port of the Signature ruby gem. It is based on the principle of HMAC-SHA authentication which is a very simple key / secret authentication for APIs using hashed signatures.
To authenticate against the API you have to provide the following parameters
|x-version||The current version of the API Authentication mechanism. We use version: 5.1.2||5.1.2|
|x-key||The key we provide you to get access to our API||8xPuQm2ZDj6jf483bvRqz4MHX|
|x-timestamp||The current timestamp when you send the request. Will be used for request verification.||1493899035|
|x-signature||The generated HMAC SHA (sha256) signature.||810c64b215f7f0f7bd018bab9a3443978dd6eb4a2308e24595296452b7aeb3d1|
The signature will be generated from:
$secret = '8xPu442ZDj6je483b2Rqz4MHX'; $auth = [ 'x-version' => '5.1.2', 'x-key' => '8xPuQm2ZDj6jf483bvRqz4MHX', 'x-timestamp' => 1493899035, ]; $params = [ 'foo' => 'bar' ]; $payload = merge($auth, $params); $payload = change_case($payload, CASE_LOWER); keysort($payload); $payload = urldecode(http_build_query($payload)); $payload = implode("\n", [$method, $uri, $payload]); $signature = hash_hmac('sha256', $payload, $secret);
If you have any questions please contact us.