Authentication

All API requests require an access-token in the headers. The token is generated using HMACSHA256, with your {key} as the secret key and your {login} as the message.

Formula:

access-token = HMACSHA256('{key}', '{login}')

Example:

  • Login: john_yablonliy

  • Key: 4f56cc8f-eb99-4b5d-9255-52ae6f23e91c

  • HMACSHA256 hash: 374edb1201d1b9cf74101aa1f8e14962ee83c611beed65f1e28cbd616e1de8b1

Header Example:

access-token: 374edb1201d1b9cf74101aa1f8e14962ee83c611beed65f1e28cbd616e1de8b1

Security Note: HMACSHA256 provides improved security over standard SHA256 by using your key as a secret component in the hashing process, which helps protect against length extension attacks and other cryptographic vulnerabilities.

PreviousWelcomeNextSignature

Last updated