Versions Compared

Old Version 119

changes.mady.by.user Troy Wallace

Saved on

compared with

New Version 120

changes.mady.by.user Troy Wallace

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This document outlines how to access the Armor API system using the Pre-Shared Key (PSK) authentication method. This method applies to all Armor API's.

...

Note

Before you begin:

If you access the Armor API system through an AMP-generated API Key, then you will not be able to access the following endpoints:

  • GET /users/{id}/keys

  • DELETE /users/{id}/keys/{key}

  • POST /users/{id}/keys

  • GET /users/{id:int}/ActivationCode

  • POST /users/resetpassword

  • POST /users/setpassword

  • PUT /users/{id:int}

  • POST /users/status

  • POST /users/

  • POST /users/{userId:int}/invite

  • GET /users/LockedOut/{accountId}/{email}

  • POST /users/unlock/{accountId}/{email}

  • DELETE /users/softDelete

  • PUT /usersecurity/challengephrase

  • GET /usersecurity/securityinformation/{referencekey}

  • POST /usersecurity/securityinformation/{referencekey}

  • POST /usersecurity/securityinformation/existing/{referencekey}

  • GET /usersecurity/challengephrase/{userId}

  • POST /usersecurity/validatemfaphone

  • POST /usersecurity/securityinformation/{accountId}/{userId}

  • POST /usersecurity/validatephoneapppin

...

Expand
titleStep 1: Create an API Key

ESLP:Create an API (snippet)
Insert excerpt
ESLP:Create an API (snippet)
Pre-Shared Key Authentication Method
Pre-Shared Key Authentication Method
nameCreate API Key
nopaneltrue



Expand
titleStep 2: Authenticate into the Armor API system

At a high-level, to authenticate into the Armor API system with your API token, you must create a header with the following information:

  • ARMOR-PSK {Private Key ID}:{HMACSHA512 Signature}:{Nonce}:{Timestamp}

Note

Review the following sample authentication header:

Code Block
themeMidnight
ARMOR-PSK 20a37099-4a0b-432f-bf46-5fa690a0405c:8wliK5PMXBrMNQX0DmXkkpC2YD5j+QtPH2xVRZM7jaaS0hC6jhRmtxy+nKJidDnYTpFc6blsO7+4VfKqslbqzA==:8jbj872s2h:1528140529



Authentication Component

Description

Example

Authorization Type

Use ARMOR-PSK.

ARMOR-PSK

API Key ID

Use the Key ID generated in AMP.

20a37099-4a0b-432f-bf46-5fa690a0405c

HMAC signature

Specifically, create a SHA512 signature that includes the following parameters:

  • API key ID (generated in AMP)

  • httpMethod

  • requestPath

  • nonce

  • timestamp

  • requestbody

  • Secret Key (generated from AMP)

8wliK5PMXBrMNQX0DmXkkpC2YD5j+QtPH2xVRZM7jaaS0hC6jhRmtxy+nKJidDnYTpFc6blsO7+4VfKqslbqzA==

Nonce

Enter a unique ID.

  • This ID should be unique per request.

  • This ID cannot be longer than 128 characters.

  • This ID cannot contain a colon ( : ).

8jbj872s2h

Timestamp

Enter a Unix time stamp within 5 minutes of current time.

1528140529


Note

Based on your API application, review the following documents for additional authentication information:


...

Expand
titleStep 3: Make an API Call

To review the API calls, as well as implement the calls, access the interactive Armor API tool at https://developer.armor.com/.

...