eTowerB2B provides each API client with an API Token and a corresponding Secret Key. The Key is used exclusively for MAC SHA-1 signing and is not transmitted in the request. Every request must include authentication information to verify the sender's identity and permissions.T
Token and Key Format
Token: test5AdbzO5OEeOpvgAVXUFE0A
...
Step 1: Obtain Token and Key
Please contact your integrator (the party using eTowerB2B integrator account) to obtain a a production/test environment account, then log in eTowerB2B and acquire the Token and Secret Key in the API Tokens module :
Test Environment::https://cfs-qa.etowertech.com
Production Environment:https://b2b.etowertech.com
Step 2: Add Request Headers
sample:
Host: cfs-qa.etowertech.com
...
Accept: application/json
Generation Method:
- It is recommended to refer to the attachment file [API Signature Demo.rar] which which contains sample code in multiple languages:
- .netsample.cs
- c#_demo.cs
- java_project_demo.zip
- java_demo.java
- js_demo.js
- php_demo.txt
- python_demo.py
1. X-WallTech-Date:Request Sent Time
RFC1123 Format
Format: EEE, DD MM YYYY HH:MM:SS ZZZ
Example:Thu, 04 Nov 2021 03:39:28 GMT
...
2. Authorization:Signature Authentication
Format: WallTech <Token>:<Base64 Encoded HMAC SHA-1 Hash>
...
Encrypt the API Token's Secret Key (e.g., Key=79db9e5OEeOpvgAVXUFWSD) using the SecretKeySpec class with the HmacSHA1 algorithm. Initialize a Mac object with the HmacSHA1 algorithm, then initialize this Mac object with the key. Finally, process the Mac object into bytes and perform Base64 encoding.
Example: WallTech testLvs2jdug2qIoRsJyuxs:2THPh5_j4OTYUGdinstTC4nYqDE=
...