Interface authentication
All API interface calls must perform interface authentication, that is, add some request headers and request parameters (sig) to the http post request
Note: C7 Malaysia will provide two accounts. For authentication information, use the “User Center” account and password to query in [Docking Data Query] (../ data-query.md). Information for authentication The account Id is the account number.
1 Request header
Content-Type:application/json;charset=utf-8;
Authorization: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX;
- Authorization is Header authentication information
Authorization value is Base64 encoded (account ID + colon + timestamp)
The account Id can be queried in [Docking Data Query] (../ data-query.md).
C7 Malaysia will provide two accounts, one is 8xxx @ xxx and the other is xxx. Docking data query uses all-letter account query.
E.g:N00000000556:20161013113612
After base64 encoding:TjAwMDAwMDAwNTU2OjIwMTYxMDEzMTEzNjEy
- Colons are English colons
- The timestamp is the current system time in the format "yyyyMMddHHmmss", which must be the same as the timestamp in the sig parameter.
2 Request parameters (sig)
E.g:
-
The URL must be followed by a sig parameter, such as sig=AAABBBCCCDDDEEEFFFGGG。
-
The sig value is 32-bit uppercase MD5 encryption (account ID + account APISecret + timestamp)
E.g: N00000000556secret20161013113612
md5 encryption is 88996D9907E0EE52C5DAF8EFFCC31CFC
-
Timestamp is the current system time, format is"yyyyMMddHHmmss".The timestamp is a 24-hour clock, such as:20140416142030,The validity period is 5 minutes, that is, the interface must be requested within 5 minutes after the sig is generated.
-
APISecret can query in [Docking Data Query] (../ data-query.md)
3 Request body
The request body data type is JSON. If the interface does not require it, it can be omitted.
E.g:{"_id":"22e25d60-809d-11e6-ad5a-b7e3030127fb"}
4 Scenario example
Requirements: Access to query customer data interface
E.g:
Customer account:N00000000556
current time:20161013164303
APISecret: 123456
Authorization: "TjAwMDAwMDAwNTU2OjIwMTYxMDEzMTY0MzAz"
sig:"AED8764EFF64286C14E1F26648FF140F"
Request method:POST
Request header:
Content-Type:application/json;charset=utf-8;
Authorization: TjAwMDAwMDAwNTU2OjIwMTYxMDEzMTY0MzAz;
Request body:
{"version":"201610100019"}
The request returned successfully:
Authentication failure returns:
{
"message": "Forbidden",
"code": 403
}
Authentication is successful, the request body parameters are returned incorrectly:
{
"code": 400,
"message": "please check your parameters"
}
Sample code: (Take the agent status interface as an example)
NodeJS sample code apiDemo/demo.js
JAVA sample code apiDemo/src/com/m7/restapi/demo/ApiDemo.java
php sample code moor.php