About the Sign
Introduction
- The ApiKey used to generate a signature for API request input parameters should be securely maintained by the merchant.
- Please contact us to get ApiKey/ApiSecret or generated a new ApiSecret.
Signature Parameters
Header
| Key | Value | Description |
|---|---|---|
| x-aeon-api-key | 50fe820c-bd45-4e10-90f2-6346e26e255f | ApiKey |
| x-aeon-timestamp | 1729675354694 | milliseconds timestamps(13-digit) |
| x-aeon-signature | 7087c6870ebed7ea712e930edc149c356fabbd21d0a0bf80e965f9c330 4f241f74310932f3d96ef682513e52d1875e64dca1a3f5dbabeefe3988c 55704334ea400 | Hash the content of the request message using SHA256 and encode the result in hexadecimal. |
Way To Generate Sign
Step 1: Generate An Sign String
<HTTPMethod>\n
<ReuqestURI>\n
<QueryString>\n
<Headers>\n
<Body>
Step 2: If QueryString and Body is blank, please skip the line, example:
POST
/api/v2/open/user/login-email
x-aeon-api-key:50fe820c-bd45-4e10-90f2-6346e26e255f
x-aeon-timestamp:1729675354694
{"email":"[email protected]","code":"000000"}
Step 3: Key and Valueof QueryString need to be UrlEncode, if there are several parameter of QueryString, the parameters need to be arranged in lexicographical order to regenerate QueryString, example:
b=1&a=2&c=3
Step 4: QueryString use in Sign:
a=2&b=1&c=3
Step 5: Generate Sign:
Signature = Hex(HmacSha256(DecodeHex(<ApiSecret>), <StringToSign>))
Updated 6 days ago