How to manually generate firstbase-signature

  1. Firstbase will provide an API Key and an API secret.

  2. You will need a timestamp, access here to generate a timestamp.

  3. Access here to generate the hash, follow the steps:

    • Select SHA256 algorithm;

    • Type the API secret of the partner at the "Enter Key" field;

    • Copy the timestamp generated at step 1 and concatenate with the request payload. For example:

      1647622159.{ "user": { "email": "test@123", "firstName": "Test",

      "lastName": "Test",

      "phone": 5532943153887,

      "country": "BR" }, ... }

    • Click on the "Generate HMAC" button.

  4. Set a new header in the request called firstbase-signature with the following pattern: firstbase-signature : t={{TIMESTAMP}},v1={{HMAC_HASH}}

  5. Set a new header as partner-id with your API Key.

    Your header should look like this:

    firstbase-signature: t=1647622159,v1=292972b55ce3f9db8d00f0423e12de0c2f897034a620b67663c59eaf5c8edd5b
    Content-Type: application/json
  6. That is it! You are good to go.

Header creation sample

$timestamp = strtotime();
$payload = json_encode([
	"user" => [],
	"company" =>  [],
	"holders"=>  [[],[]]

$hash = hash_hmac("SHA256", "{$timestamp}.{$payload}", $api_secret);

$auth_header = "firstbase-signature: t={$timestamp},v1={$hash}";

$url = "";

$client = new GuzzleHttp\Client();
$res = $client->request('POST', $url, [
	'headers' => [
		 	"Content-Type: application/json",
		 	"partner-id: {$api_key}",
	"body" => $payload;

Last updated