- Previous: Find Locations by Name
- Up: Documentation Overview
- Next: Source Taxonomy Values
Authentication
Requests to the Patch API must be authenticated with an MD5 hash of your developer key, your shared secret, and a timestamp of your request:
Obtaining Your Developer Key and Shared Secret
Apply for a developer key and shared secret. You'll be approved immediately, and we'll send you your key and shared secret by email. If you forget your key or secret, you can always find later in your account.
Authentication Formatting
Your developer key must be appended to all API requests as follows:
&dev_key={key}
And a hex-encoded MD5 hash of your developer key, shared secret, and the UNIX timestamp of your request must be appended to all API requests as follows:
&sig={hex-encoded MD5(key + secret + timestamp)}
The UNIX timestamp is the number of seconds since the Unix Epoch (January 1 1970 00:00:00 GMT) at the time the request was made.
Authentication Examples
For an example of how to generate your signature, check out lines 46-52 of /lib/outside_in/resource/base.rb in our Ruby SDK:
def self.sign(url)
raise SignatureException, "Key not set" unless OutsideIn.key
raise SignatureException, "Secret not set" unless OutsideIn.secret
sig_params = "dev_key=#{OutsideIn.key}&sig=#{MD5.new(OutsideIn.key + OutsideIn.secret +
Time.now.to_i.to_s).hexdigest}"
url =~ /\?/ ? "#{url}&#{sig_params}" : "#{url}?#{sig_params}"
end
You can also review our sample code in Ruby, Python, Java, C#, Objective C, and Javascript on GitHub: https://github.com/outsidein/api-examples.
- Previous: Find Locations by Name
- Up: Documentation Overview
- Next: Source Taxonomy Values
5 Comments
Jail Exchange – 3 years ago
I keep getting 403 NOT AUTHORIZED.
Can you clarify what needs to be hashed:
sig=MD5(key + secret + timestamp)
sig=MD5(key) + secret + timestamp
sig=MD5(key) + MD5(secret) + Md5(timestamp)
In fact I tried them all, without success. How about an example?
thanks
Brian Moseley – 3 years ago
It's MD5(key + secret + timestamp). Make sure you are using the hex-encoded version of the digest, not the raw bytes. See http://developers.outside.in/forum/read/84333 for a working example. We'll make sure to clarify the docs too.
mconta – 3 years ago
Here a basic test program written in c#, I think is a good start, it queries for locations:
///////////////////
using System;
using System.Collections.Generic;
using System.Text;
using System.Net;
using System.IO;
using System.Security.Cryptography;
namespace ConsoleApplication1
{
class Program
{
static void Main(string[] args)
{
Console.WriteLine("enter location:");
string action = Console.ReadLine();
while (action != "")
{
string search;
search = action;
string mykey = "xxx";
string shared_secret = "xxx";
int unixTime = (int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds;
string sUrl = "http://hyperlocal-api.outside.in/v1.1/locations/named/" + search + "?dev_key=" + mykey + "&sig=" + MD5_ComputeHexaHash(mykey + shared_secret + unixTime.ToString());
WebRequest wrGETURL;
wrGETURL = WebRequest.Create(sUrl);
Stream objStream;
objStream = wrGETURL.GetResponse().GetResponseStream();
StreamReader objReader = new StreamReader(objStream);
string sLine = "";
int i = 0;
while (sLine != null)
{
i++;
sLine = objReader.ReadLine();
if (sLine != null)
Console.WriteLine("{0}:{1}", i, sLine);
}
action = Console.ReadLine();
}
}
public static string MD5_ComputeHexaHash(string text)
{
// Gets the MD5 hash for text
MD5 md5 = new MD5CryptoServiceProvider();
byte[] data = Encoding.Default.GetBytes(text);
byte[] hash = md5.ComputeHash(data);
// Transforms as hexa
string hexaHash = "";
foreach (byte b in hash)
{
hexaHash += String.Format("{0:x2}", b);
}
// Returns MD5 hexa hash
return hexaHash;
}
}
}
Brian Moseley – 3 years ago
Yep, that example code works for me. Thanks mconta!
Chintan Shah – 2 years ago
Any Code for PHP ??
Please sign in to post a comment.