Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: change layer margin to -16px 0 0 0
Content Layer
margin-16px 0 0 0
Content Column
Content Block

Armor Knowledge Base  /  Armor API Guide  /  Pre-Shared Key Authentication Method - Legacy

Access the Armor API System via an API token (C#)

Content Block

You can use the API tokenization feature in the Armor Management Portal (AMP) to create an API key. This key will help you log into the Armor API system. 

Step 1: Create an API key

Excerpt Include
ESLP:Create an API (snippet)
ESLP:Create an API (snippet)

Step 2: Authenticate into the Armor API system

To authenticate, you need to build a header with the following components: 


Enter the Key ID generated from AMP.


In the example below, replace use the api key id with your key ID.


Enter the Secret Key generated from AMP.


In the example below, replace use the secret key with your secret key.


Enter a unique ID.

  • This ID cannot be longer than 128 characters.
  • This ID cannot contain a colon ( : ). 
timestampEnter a Unix time stamp within 5 minutes of the current time.
httpMethodEnter GET or POST.

Code Block
    using System;
    using System.Security.Cryptography;
    using System.Text;
    public static class AuthHeaderHelper
        /// <summary>
        /// The following function creats the needed authentication header to work for ApiToken
        /// HttpRequestMessage.Headers.Authorization = new AuthenticationHeaderValue("ARMOR-PSK", authValue)
        /// </summary>
        /// <param name="apiKey">use the api key id</param>
        /// <param name="secretKey">use the secret key</param>
        /// <param name="nonce">A unique value, has 5 min lifespan</param>
        /// <param name="requestPath">absolute path: Example: /accounts/2</param>
        /// <param name="requestBody">Request body applies.</param>
        /// <param name="timestamp">Must be current time</param>
        /// <param name="httpMethod">Http Method: GET, POST, ...</param>
        /// <returns>string auth header Example: 'ARMOR-PSK apiKey:signature:nonce:unixTime'</returns>
        public static string CreateAuthorizationHeader(string apiKey, string secretKey, string nonce, string requestPath, string requestBody, DateTime? timestamp, string httpMethod = "GET")
            var dateTime = timestamp ?? DateTime.UtcNow;
            using (var sha512 = new SHA512Managed())
                var requestBodyBytes = Encoding.ASCII.GetBytes(requestBody);
                var content = Convert.ToBase64String(sha512.ComputeHash(requestBodyBytes));
                requestBody = content.Length != 0 ? content : string.Empty;
            Console.WriteLine("Request Body is: {0}", requestBody);
            requestPath = "/accounts/2".ToLower();
            var unixTime = (Int32)(dateTime.Subtract(new DateTime(1970, 1, 1))).TotalSeconds;
            var requestData = string.Format("{0}{1}{2}{3}{4}{5}", apiKey, httpMethod, requestPath, unixTime, nonce, requestBody);
            Console.WriteLine("Request Data is: {0}", requestData);
            string signature = string.Empty;
            using (var hmac = new HMACSHA512(Encoding.UTF8.GetBytes(secretKey)))
                var result = hmac.ComputeHash(Encoding.UTF8.GetBytes(requestData));
                signature = Convert.ToBase64String(result);
            return string.Format("{0}:{1}:{2}:{3}", apiKey, signature, nonce, unixTime);

Step 3: Make an API Call

To learn about the different calls that you can make, see Armor API Guide.

Related Documentation 

Was this helpful?
Rate Macro