API Authentication

To sign a request, you will need your Account ID and API Key. See API Overview for instructions on how to get these values.

Account ID

The Account ID must be sent in the X-Account-Id header. There must be no spaces or trailing characters.

Signature

Sign the request as described below and include this signature in the X-Api-Signature header.

Signing Requests

To sign an API request, follow these basic steps:

  1. From the JSON object passed as POST data, sort all keys.
  2. In the order of the sorted keys, concatenate all key/value pairs as such:

    KEY1:VALUE1.KEY2:VALUE2.

    If the value is an array or object, substitute 1 for the value.

  3. Create a Base64 encoded HMAC MD5 hash of this string, using the account's API Key to as the key.
Example
 
POST Data
 
{ "search": "widgets",
 "account": "51093df84623aef5ae25dd14" }
 
String to Sign
 
account:51093df84623aef5ae25dd14.search:widgets.
 

NodeJS Example

 

var crypto = require('crypto');

var key = 'OBAFCbp5yQmuDaE2XBaW1oujMwTf05p3';

var body = 
  "search": "widgets",
  "account": "51093df84623aef5ae25dd14"
};

// Get and sort all keys
var keys = Object.keys(body);
keys.sort();

// Create string to sign
var reqStr = '';
for (var i=0;i<keys.length;i++) {
if (Array.isArray(body[keys[i]]) || typeof body[keys[i]] === 'object') {
reqStr += keys[i] + ':1.';
} else {
  reqStr += keys[i] + ':' + body[keys[i]] + '.';
}
}

var signature = crypto.createHmac('md5', key).update(reqStr).digest('base64');

 

PHP Example

<?php

const ACCOUNT_ID = '56b209dbfe363ce700000000';
const API_KEY = 'ABC123';

$data = array(
'search' => 'widgets',
'account' => ACCOUNT_ID
);
ksort($data);

$data_string = json_encode($data);

$signature = '';
foreach ($data as $key => $value) {
if (is_array($value)) {
$signature .= $key . ':1.';
} else {
$signature .= $key . ':' . $value . '.';
}
}

$headers = array(
'Content-Type: application/json',
'Content-Length: ' . strlen($data_string),
'X-Account-Id: ' . ACCOUNT_ID,
'X-Api-Signature: '. base64_encode(hash_hmac('md5', $signature, API_KEY, true))
);

$CURL_OBJECT = curl_init('https://app.intrakr.com/api/global/search');
curl_setopt($CURL_OBJECT, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($CURL_OBJECT, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($CURL_OBJECT, CURLOPT_RETURNTRANSFER, true);
curl_setopt($CURL_OBJECT, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($CURL_OBJECT);
print_r($result);

?> 
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk