Every private data or bot endpoint is secured with a private key

  • Arrange the parameters in ascending alphabetical order

  • Combine them with &. Don't URL encode them.

  • Encode complete string to UTF8.

  • Create a SHA256 signature from the encoded string and the Local API token.

  • Remove - from the signature

  • Make sure the signature is upper case.

  • Add "&sig=signature" to the URL.

public string CreateSignature(Dictionary<string, string> parameters, string privateKey)
    var parametersString = string.Empty;
    foreach (var parameter in parameters.OrderBy(c => c.Key))
        parametersString += $"&{parameter.Key}={parameter.Value}";

    parametersString = parametersString.TrimStart('&');
    var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(privateKey));
    var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(parametersString));
    var sig = BitConverter.ToString(hash).Replace("-", "");

    return sig;

Last updated