Authentication

How to manually generate firstbase-signature

Firstbase will provide an API Key and an API secret.
You will need a timestamp, access here to generate a timestamp.
Access here to generate the hash, follow the steps:
- Select SHA256 algorithm;
- Type the API secret of the partner at the "Enter Key" field;
- Copy the timestamp generated at step 1 and concatenate with the request payload. For example:
  1647622159.{ "user": { "email": "test@123", "firstName": "Test",
  "lastName": "Test",
  "phone": 5532943153887,
  "country": "BR" }, ... }
- Click on the "Generate HMAC" button.
Set a new header in the request called firstbase-signature with the following pattern: firstbase-signature : t={{TIMESTAMP}},v1={{HMAC_HASH}}

Set a new header as partner-id with your API Key.

Your header should look like this:

firstbase-signature: t=1647622159,v1=292972b55ce3f9db8d00f0423e12de0c2f897034a620b67663c59eaf5c8edd5b
partner-id:5a002n
Content-Type: application/json

That is it! You are good to go.

Header creation sample

$timestamp = strtotime();
//payload
$payload = json_encode([
	"user" => [],
	"company" =>  [],
	"holders"=>  [[],[]]
]);

$hash = hash_hmac("SHA256", "{$timestamp}.{$payload}", $api_secret);

$auth_header = "firstbase-signature: t={$timestamp},v1={$hash}";

$url = "https://api.demo.firstbase.io/v2/referral/order";

$client = new GuzzleHttp\Client();
$res = $client->request('POST', $url, [
	'headers' => [
		 	"Content-Type: application/json",
		 	"partner-id: {$api_key}",
		 	$auth_header
	],
	"body" => $payload;
]);

let timestamp = Math.floor(Date.now() / 1000);
let payload = {
    "user": {},
    "company": {},
    "holders": [{}],
}
let payload_to_hash = `${timestamp}.${JSON.stringify(payload)}`;
console.log(payload_to_hash);

//Using CryptoJS Lib
let hash = CryptoJS.HmacSHA256(payload_to_hash, "apisecret");
let auth_header = `t=${timestamp},v1=${hash}`;

const id = 'YOUR_id_PARAMETER';
//Api fetch
const resp = await fetch(
  'https://api.demo.firstbase.io/v2/referral/order',
  {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      firstbase-signature: auth_header
    },
    body: JSON.stringify(payload)
  }
);


const data = await resp.json();
console.log(data);

import calendar
import time
import hashlib
import hmac
import binascii
import requests

timestamp = calendar.timegm(time.gmtime())
payload = {
    "user": {},
    "company": {},
    "holders": [{}],
}

payload_to_hash = "{timestamp}.{payload}".format(timestamp=timestamp, payload = payload)

hash = hmac.new(
    bytes("apisecret", 'UTF-8'),
    bytes(payload_to_hash, 'UTF-8'), 
    hashlib.sha256
).hexdigest()

url = 'https://api.demo.firstbase.io/v2/referral/order'

headers = {
    'content-type': 'application/json',
    'firstbase-signature': "t={timestamp},v1={hash}".format(timestamp=timestamp, hash = hash),
    'partner-id': "apikey"
}

x = requests.post(url, data = payload, headers=headers)

print(x.text)

PreviousEnvironment NextName Check

Last updated 3 years ago

Was this helpful?