eTowerB2B provides each API client with an API Token and a corresponding Secret Key. The Key is used exclusively for MAC SHA-1 signing and is not transmitted in the request. Every request must include authentication information to verify the sender's identity and permissions.T
Token: test5AdbzO5OEeOpvgAVXUFE0A
Key: 79db9e5OEeOpvgAVXUFWSD
Please contact your integrator (the party using eTowerB2B integrator account) to obtain a a production/test environment account, then log in eTowerB2B and acquire the Token and Secret Key in the API Tokens module :
Test Environment: :https://cfs-qa.etowertech.com
Production Environment:https://b2b.etowertech.com
sample:
Host: cfs-qa.etowertech.com
X-WallTech-Date: Thu, 06 Aug 2020 06:01:26 GMT
Authorization: WallTech testLvs2jdug2qIoRsJyuxs:2THPh5_j4OTYUGdinstTC4nYqDE=
Content-Type: application/json
Accept: application/json
Generation Method:
1. X-WallTech-Date:Request Sent Time
RFC1123 Format
Format: EEE, DD MM YYYY HH:MM:SS ZZZ
Example: Thu, 04 Nov 2021 03:39:28 GMT
Note: Use Greenwich Mean Time (GMT). For Beijing Time (GMT+8), subtract 8 hours.
Important: The server will reject requests if the time difference between server receipt and sending time exceeds 15 minutes.
2. Authorization:Signature Authentication
Format: WallTech <Token>:<Base64 Encoded HMAC SHA-1 Hash>
<Token>:API Token
<Base64 Encoded HMAC SHA-1 Hash> Java code description:
Encrypt the API Token's Secret Key (e.g., Key=79db9e5OEeOpvgAVXUFWSD) using the SecretKeySpec class with the HmacSHA1 algorithm. Initialize a Mac object with the HmacSHA1 algorithm, then initialize this Mac object with the key. Finally, process the Mac object into bytes and perform Base64 encoding.
Example: WallTech testLvs2jdug2qIoRsJyuxs:2THPh5_j4OTYUGdinstTC4nYqDE=
Content-Type:application/json
Accept:application/json