24th Feb 2021

API Authentication

Generating an API key

To authenticate the Integration API requests, generate an API key in the Talon.One application settings:

  1. Open your application settings section.
  2. Open Developer settings.
  3. Click Create A new API Key.

    LocationAttribute

  4. Enter a title and expiry date for the API key.

    LocationAttribute

The API key is generated, You can use it in your preferred SDK.

Here is an example of the Java SDK using the API key.

iApi.getApiClient().setApiKeyPrefix("ApiKey-v1");
iApi.getApiClient().setApiKey("dbc644d33aa74d582bd9479c59e16f970fe13bf34a208c39d6c7fa");

If you don't use our SDKs, then add an HTTP header as follows:

Authorization: ApiKey-v1 dbc644d33aa74d582bd9479c59e16f970fe13bf34a208c39d6c7fa

Note: An application can have multiple API keys.

Note: Once an API key has been generated and displayed in the UI, it cannot be displayed again.

(Deprecated) HMAC authentication

Each Integration API request must authenticate itself by generating an HMAC signature adding a Content-Signature header.

To retrieve the secret key for generating the HMAC signature:

  • Open the Developer Settings of the Campaign Manager, or
  • Use the getApplication operation of the Management API.

Example signature generation (PHP)

The code below demonstrates how to generate the signature for a request in PHP.

We assume that:

  • $json_string is the JSON-encoded payload of the request.
  • $application_id is the ID of the application sending the request.
  • $application_key is the secret key from your application.
$key = hex2bin($application_key);
$signature = hash_hmac('md5', $json_string, $key);

curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Content-Type: application/json',
    'Content-Signature: signer='.
    $application_id .'; signature='.$signature
));

Example signature generation (Node.js)

We assume that jsonString, applicationId and applicationKey are defined.

var crypto = require('crypto')
var hmac = crypto.createHmac('md5', new Buffer(applicationKey, 'hex'));
hmac.write(jsonString);
hmac.end()
var signature = hmac.read().toString('hex')
req.setHeader('Content-Signature', 'signer=' + applicationId + '; signature=' + signature)
req.write(buff)
Still need help? Get in touch!
Last updated on 24th Feb 2021

Was this article helpful?

Thank you! You have already voted

If you’d like a member of our support team to respond to you, please send a note to support@talon.one