Authentication
Every private data or bot endpoint is secured with a private key
    Arrange the parameters in ascending alphabetical order
    Combine them with &. Don't URL encode them.
    Encode complete string to UTF8.
    Create a SHA256 signature from the encoded string and the Local API token.
    Remove - from the signature
    Make sure the signature is upper case.
    Add "&sig=signature" to the URL.
C#
Bash
FileMaker v17
Python
1
public string CreateSignature(Dictionary<string, string> parameters, string privateKey)
2
{
3
var parametersString = string.Empty;
4
foreach (var parameter in parameters.OrderBy(c => c.Key))
5
parametersString += quot;&{parameter.Key}={parameter.Value}";
6
7
parametersString = parametersString.TrimStart('&');
8
var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(privateKey));
9
var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(parametersString));
10
var sig = BitConverter.ToString(hash).Replace("-", "");
11
12
return sig;
13
}
Copied!
1
echo -n $parameters | iconv -f ascii -t utf8 | openssl sha256 -hmac "$key" | awk '{ print toupper($2) }'
Copied!
1
HexEncode (CryptAuthCode ( "abc + UTF-8 ordered parameters in other words string"; "SHA256"; "local api key" ))
Copied!
1
import hmac
2
import hashlib
3
import collections
4
from typing import Dict
5
6
7
@staticmethod
8
def generate_signature(parameters: Dict[str, str], privatekey: str):
9
parameter_string = ""
10
11
parameters = collections.OrderedDict(sorted(parameters.items()))
12
13
for key, value in parameters.items():
14
parameter_string += "&" + str(key) + "=" + str(value)
15
16
parameter_string = parameter_string.replace("&", "", 1)
17
18
key = bytes(privatekey, 'UTF-8')
19
message = bytes(parameter_string, 'UTF-8')
20
21
digester = hmac.new(key, message, hashlib.sha256)
22
signature = digester.digest()
23
signature = signature.hex().replace("-", "").upper()
24
25
r
Copied!
Last modified 3yr ago
Copy link