Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Next »

You can use the API tokenization feature in the Armor Management Portal (AMP) to create an API key. This key will help you log into the Armor API system. 


Step 1: Create an API key

Error rendering macro 'excerpt-include' : No link could be created for 'ESLP:Create an API (snippet)'.


Step 2: Authenticate into the Armor API system

  1. In your Postman application, create a new GET request with the following endpoint: https://api.armor.com/roles
  2. Click Headers
  3. Under Key, select Authorization
  4. In Value, enter {{hmacAuthHeader}}.
  5. Under Key, select Content-Type
  6. In Value, enter application/json
  7. Click Pre-request Script
  8. Enter the script below with the following updated parameters:

ParameterDescription
APP_ID

Enter the Key ID generated from AMP.

In the example below, replace <use the api key id> with your key ID.

SECRET_KEY

Enter the Secret Key generated from AMP.

In the example below, replace <use the secret key> with your secret key.

nonce

Enter a unique ID.

  • This ID should be unique per request.
  • This ID cannot be longer than 128 characters.
  • This ID cannot contain a colon ( : ). 
timestampEnter a Unix time stamp within 5 minutes of the current time.

For all v2 API's, the request body should be empty.

function getPath(url) {
    var pathRegex = /.+?\:\/\/.+?(\/.+?)(?:#|\?|$)/;
    var result = url.match(pathRegex);
    return result && result.length > 1 ? result[1] : '';
}
  
function getQueryString(url) {
    var arrSplit = url.split('?');
    return arrSplit.length > 1 ? url.substring(url.indexOf('?')+1) : '';
}
  
function getAuthHeader(httpMethod, requestUrl, requestBody) {
    *var APP_ID = '<use the api key id>';*
    *var SECRET_KEY = '<use the secret key>';*
    var AUTH_TYPE = 'ARMOR-PSK';
    var requestPath = getPath(requestUrl).replace('https', 'http');
    var queryString = getQueryString(requestUrl);
    if (httpMethod == 'GET' || !requestBody) {
        requestBody = '';
    } else {
        requestBody = requestBody.toString();
        requestBody = CryptoJS.enc.Base64.stringify(CryptoJS.SHA512(requestBody));
    }  
    var timestamp = Math.round(new Date().getTime() / 1000);
    var nonce = timestamp;
    var requestData = [APP_ID, httpMethod, requestPath, nonce, timestamp, requestBody].join("");
    var mac = CryptoJS.HmacSHA512(requestData, SECRET_KEY);
    var signature = CryptoJS.enc.Base64.stringify(mac);
    var authHeader = AUTH_TYPE + ' ' + APP_ID + ':' + signature + ':' + nonce + ':' + timestamp;
    return authHeader;
}
postman.setEnvironmentVariable('hmacAuthHeader', getAuthHeader(request['method'], request['url'], request['data']));


Step 3: Make an API Call

To learn about the different calls that you can make, see Armor API Guide.


Related Documentation 



Was this helpful?




  • No labels