Versions Compared

Old Version 26

changes.mady.by.user Luke Fritz

Saved on

compared with

New Version Current

changes.mady.by.user Troy Wallace

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Step 1: Create an API key

ESLP:Create an API (snippet)

Insert excerpt
ESLP:Create an API (snippet)
Pre-Shared Key Authentication Method
Pre-Shared Key Authentication Method
nameCreate API Key
nopaneltrue


Step 2: Authenticate into the Armor API system

  1. In your Postman application, create a new GET request with the following endpoint: https://api.armor.com/roles

  2. Click Headers.

  3. Under Key, select Authorization.

  4. In Value, enter {{hmacAuthHeader}}.

  5. Under Key, select Content-Type.

  6. In Value, enter application/json.

  7. Click Pre-request Script.

  8. Enter the script below with the following updated parameters:

Parameter

Description

APP_ID

Enter the Key ID generated from AMP.

Note

In the example below, replace <use the api key id> with your key ID.

SECRET_KEY

Enter the Secret Key generated from AMP.

Note

In the example below, replace <use the secret key> with your secret key.

nonce

Enter a unique ID.

  • This ID should be unique per request.

  • This ID cannot be longer than 128 characters.

  • This ID cannot contain a colon ( : ).

timestamp

Enter a Unix time stamp within 5 minutes of the current time.

Info

For all v2 API's, the request body should be empty.

Code Block
themeMidnight
function getPath(url) {
    var pathRegex = /.+?\:\/\/.+?(\/.+?)(?:#|\?|$)/;
    var result = url.match(pathRegex);
    return result && result.length > 1 ? result[1] : '';
}
  
function getQueryString(url) {
    var arrSplit = url.split('?');
    return arrSplit.length > 1 ? url.substring(url.indexOf('?')+1) : '';
}
  
function getAuthHeader(httpMethod, requestUrl, requestBody) {
    *var APP_ID = '<use the api key id>';*
    *var SECRET_KEY = '<use the secret key>';*
    var AUTH_TYPE = 'ARMOR-PSK';
    var requestPath = getPath(requestUrl).replace('https', 'http');
    var queryString = getQueryString(requestUrl);
    if (httpMethod == 'GET' || !requestBody) {
        requestBody = '';
    } else {
        requestBody = requestBody.toString();
        requestBody = CryptoJS.enc.Base64.stringify(CryptoJS.SHA512(requestBody));
    }  
    var timestamp = Math.round(new Date().getTime() / 1000);
    var nonce = timestamp;
    var requestData = [APP_ID, httpMethod, requestPath, nonce, timestamp, requestBody].join("");
    var mac = CryptoJS.HmacSHA512(requestData, SECRET_KEY);
    var signature = CryptoJS.enc.Base64.stringify(mac);
    var authHeader = AUTH_TYPE + ' ' + APP_ID + ':' + signature + ':' + nonce + ':' + timestamp;
    return authHeader;
}
postman.setEnvironmentVariable('hmacAuthHeader', getAuthHeader(request['method'], request['url'], request['data']));

...

To learn about the different calls that you can make, see Armor API Guide.


Related Documentation

...