Hello.
I have a web services API that requires an Id and an hmac generated with the request parameters and an API Key to be placed in its authorization header.
Is there a way to obtain the call body to perform the HMAC?
In postman I have been able to make the call successfully with a pre-request which is the following:
const apiKey = pm.collectionVariables.get("apiKey");; const webId = pm.collectionVariables.get("webId"); const crypto = require('crypto-js'); if(pm.request.method === 'POST') { const parsedBody = JSON.parse(pm.request.body.raw); const jsonParams = JSON.stringify(parsedBody); // Create HMAC const hmac = crypto.HmacSHA256(jsonParams, apiKey); const hmacb64 = crypto.enc.Base64.stringify(hmac); // Set computed HMAC as an environment variable (or you could add it directly to the headers) pm.environment.set('hmacb64', hmacb64); // Construct the Authorization header const authorizationHeader = "signmage " + webId + ":" + hmacb64; pm.environment.set('Authorization', authorizationHeader); } else if(pm.request.method === 'GET') { const url = pm.request.url.getPathWithQuery(); const hmac = crypto.HmacSHA256(url, apiKey); const hmacb64 = crypto.enc.Base64.stringify(hmac); // Set computed HMAC as an environment variable (or you could add it directly to the headers) pm.environment.set('hmacb64', hmacb64); // Construct the Authorization header const authorizationHeader = "signmage " + webId + ":" + hmacb64; pm.environment.set('Authorization', authorizationHeader); }
But in Creatio I'm a little lost if it's possible to do something similar.
I would appreciate it if you could help me know if this is possible. Thank you.
Like
Hello Laura,
Thank you for your question.
I have contacted our R&D team regarding when this functionality will be implemented in our system. The HMAC-SHA256 signature is planned to be implemented with the 8.3 release. Currently, there is no built-in API to use HMAC.
Hope this helps.