In order to make successful API calls as a Customer, the following key/value pairs, defined in the subsequent chart, must be included as a string in the 'Authorization' header:
headers = {
'authorization': '{"public_id": "39bkas893740ng49023u0m23049209n2", "ts": 1488466536, "sig_field": "test_user", "sig": "BNobNOMlv3DDv6IXs861hx6WMM/4qP4V18tSYM8mPoQ="}',
'content-type': 'application/json'
}
| key | description | example |
|---|---|---|
| public_key | Public API key for your account (also your merchant ID) | 39bkas893740ng49023u0m23049209n2 |
| ts | Current Unix epoch timestamp | 1488466536 |
| sig_field | ID of the customer to be authenticated | test_user |
| sig | Generated HMAC signature | BNobNOMlv3DDv6IXs861hx6WMM/4qP4V18tSYM8mPoQ= |
Hashing Signature Values
Your HMAC signature('sig') is the product of hashing the '<sig_field>|' value. See 'Signature Generation'.
Example Calls in Customer Scope
curl -i -H 'Authorization: {"public_id": "39bkas893740ng49023u0m23049209n2", "ts": 1488466536, "sig_field": "test_user", "sig": "BNobNOMlv3DDv6IXs861hx6WMM/4qP4V18tSYM8mPoQ="}' -H 'Content-Type: application/json' http://hostname/resource
import requests
url = 'http://hostname/resource'
headers = {
'authorization': '{"public_id": "39bkas893740ng49023u0m23049209n2", "ts": 1488466536, "sig_field": "test_user", "sig": "BNobNOMlv3DDv6IXs861hx6WMM/4qP4V18tSYM8mPoQ="}',
'content-type': 'application/json'
}
response = requests.get(url, headers=headers)