| layout | title | permalink | nav_order |
|---|---|---|---|
default |
Authentication |
/authentication/ |
2 |
To make calls to the API, you need a token. This token authorizes all of your API calls.
If you don't have an API key or an API secret, please see "Getting Started" before proceeding.
To get a token, make a POST call to /authenticate/userpasshmac with the following parameters:
| Parameter | Description |
|---|---|
| username | Username of the user |
| password | Password for the user |
| key | API Key |
| ts | Current Unix timestamp |
| hmac | Calculated code (to calculate this code, see below) |
hmac is a hash code that you calculate as follows:
HMAC-SHA1(secret, apiKey + ":" + ts)
For example, in PHP:
hash_hmac('sha1', $apiKey . ":" . time(), $secret);Assume that the API key is company2key , the secret is company2secret and the timestamp is 1429187979.
The computed hmac will therefore be calculated as: 7e42196943a343e7494fc2636a3f7313edfcd81f
If authentication is successful, the API will return a token, and an expiration date for the token.
Once you obtain your token, you should add it to all subsequent calls in the Authorization Header.
Authorization: CBX-SIMPLE-TOKEN Token=<token>
For example, using curl:
curl -H "Authorization: CBX-SIMPLE-TOKEN Token=e8ebf927234ec5dfc4cf66edbbe1382e886142f" https://api.colourbox.com/whoami
Running the above curl command will return information about your user.