Firstbase
  • Welcome
  • Incorporation API
    • Overview
    • Environment
    • Authentication
    • Name Check
      • Request
      • Response
        • Response for Successful
        • Response for Failed
    • Incorporation Order
      • Request
        • User
        • Company
        • Holders
        • Parent Companies
      • Response
        • Response for Successful
        • Response for Failed
          • Unavailable company
          • LLC - Wrong count percent
    • Fetch Order By External Id
      • Request
      • Response
        • Response for Successful
        • Response for Failed
          • Order not found
    • States of Incorporation
      • Request
      • Response
    • Countries
      • Request
      • Response
    • Industries
      • Request
      • Response
    • Webhook
      • Request
      • Response
      • Callback
        • Order call
        • Document call
    • Company Info
Powered by GitBook
On this page
  • How to manually generate firstbase-signature
  • Header creation sample

Was this helpful?

  1. Incorporation API

Authentication

PreviousEnvironmentNextName Check

Last updated 2 years ago

Was this helpful?

How to manually generate firstbase-signature

  1. Firstbase will provide an API Key and an API secret.

  2. You will need a timestamp, access to generate a timestamp.

  3. Access to generate the hash, follow the steps:

    • Select SHA256 algorithm;

    • Type the API secret of the partner at the "Enter Key" field;

    • Copy the timestamp generated at step 1 and concatenate with the request payload. For example:

      1647622159.{ "user": { "email": "test@123", "firstName": "Test",

      "lastName": "Test",

      "phone": 5532943153887,

      "country": "BR" }, ... }

    • Click on the "Generate HMAC" button.

  4. Set a new header in the request called firstbase-signature with the following pattern: firstbase-signature : t={{TIMESTAMP}},v1={{HMAC_HASH}}

  5. Set a new header as partner-id with your API Key.

    Your header should look like this:

    firstbase-signature: t=1647622159,v1=292972b55ce3f9db8d00f0423e12de0c2f897034a620b67663c59eaf5c8edd5b
    partner-id:5a002n
    Content-Type: application/json
  6. That is it! You are good to go.

Header creation sample

$timestamp = strtotime();
//payload
$payload = json_encode([
	"user" => [],
	"company" =>  [],
	"holders"=>  [[],[]]
]);

$hash = hash_hmac("SHA256", "{$timestamp}.{$payload}", $api_secret);

$auth_header = "firstbase-signature: t={$timestamp},v1={$hash}";

$url = "https://api.demo.firstbase.io/v2/referral/order";

$client = new GuzzleHttp\Client();
$res = $client->request('POST', $url, [
	'headers' => [
		 	"Content-Type: application/json",
		 	"partner-id: {$api_key}",
		 	$auth_header
	],
	"body" => $payload;
]);
let timestamp = Math.floor(Date.now() / 1000);
let payload = {
    "user": {},
    "company": {},
    "holders": [{}],
}
let payload_to_hash = `${timestamp}.${JSON.stringify(payload)}`;
console.log(payload_to_hash);

//Using CryptoJS Lib
let hash = CryptoJS.HmacSHA256(payload_to_hash, "apisecret");
let auth_header = `t=${timestamp},v1=${hash}`;

const id = 'YOUR_id_PARAMETER';
//Api fetch
const resp = await fetch(
  'https://api.demo.firstbase.io/v2/referral/order',
  {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      firstbase-signature: auth_header
    },
    body: JSON.stringify(payload)
  }
);


const data = await resp.json();
console.log(data);

import calendar
import time
import hashlib
import hmac
import binascii
import requests

timestamp = calendar.timegm(time.gmtime())
payload = {
    "user": {},
    "company": {},
    "holders": [{}],
}

payload_to_hash = "{timestamp}.{payload}".format(timestamp=timestamp, payload = payload)

hash = hmac.new(
    bytes("apisecret", 'UTF-8'),
    bytes(payload_to_hash, 'UTF-8'), 
    hashlib.sha256
).hexdigest()

url = 'https://api.demo.firstbase.io/v2/referral/order'

headers = {
    'content-type': 'application/json',
    'firstbase-signature': "t={timestamp},v1={hash}".format(timestamp=timestamp, hash = hash),
    'partner-id': "apikey"
}

x = requests.post(url, data = payload, headers=headers)

print(x.text)

here
here