Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: change layer margin to -16px 0 0 0
Content Layer
margin-16px 0 0 0
id137329015
Content Column
id137329026
Content Block
id137329014

Armor Knowledge Base  /  Armor API Guide  /  Pre-Shared Key Authentication Method - Legacy

Access the Armor API System via an API token (Postman and JavaScript)

Content Block
id137329025

You can use the API tokenization feature in the Armor Management Portal (AMP) to create an API key. This key will help you log into the Armor API system. 


Step 1: Create an API key

Excerpt Include
ESLP:Create an API (snippet)
ESLP:Create an API (snippet)
nopaneltrue


Step 2: Authenticate into the Armor API system

  1. In your Postman application, create a new GET request with the following endpoint: https://api.armor.com/roles
  2. Click Headers
  3. Under Key, select Authorization
  4. In Value, enter {{hmacAuthHeader}}.
  5. Under Key, select Content-Type
  6. In Value, enter application/json
  7. Click Pre-request Script
  8. Enter the script below with the following updated parameters:

ParameterDescription
APP_ID

Enter the Key ID generated from AMP.

Note

In the example below, replace <use the api key id> with your key ID.

SECRET_KEY

Enter the Secret Key generated from AMP.

Note

In the example below, replace <use the secret key> with your secret key.

nonce

Enter a unique ID.

  • This ID cannot be longer than 128 characters.
  • This ID cannot contain a colon ( : ). 
timestampEnter a Unix time stamp within 5 minutes of the current time.



Code Block
themeMidnight
function getPath(url) {
    var pathRegex = /.+?\:\/\/.+?(\/.+?)(?:#|\?|$)/;
    var result = url.match(pathRegex);
    return result && result.length > 1 ? result[1] : '';
}
  
function getQueryString(url) {
    var arrSplit = url.split('?');
    return arrSplit.length > 1 ? url.substring(url.indexOf('?')+1) : '';
}
  
function getAuthHeader(httpMethod, requestUrl, requestBody) {
    *var APP_ID = '<use the api key id>';*
    *var SECRET_KEY = '<use the secret key>';*
    var AUTH_TYPE = 'ARMOR-PSK';
    var requestPath = getPath(requestUrl).replace('https', 'http');
    var queryString = getQueryString(requestUrl);
    if (httpMethod == 'GET' || !requestBody) {
        requestBody = '';
    } else {
        requestBody = requestBody.toString();
        requestBody = CryptoJS.enc.Base64.stringify(CryptoJS.SHA512(requestBody));
    }  
    var timestamp = Math.round(new Date().getTime() / 1000);
    var nonce = timestamp;
    var requestData = [APP_ID, httpMethod, requestPath, nonce, timestamp, requestBody].join("");
    var mac = CryptoJS.HmacSHA512(requestData, SECRET_KEY);
    var signature = CryptoJS.enc.Base64.stringify(mac);
    var authHeader = AUTH_TYPE + ' ' + APP_ID + ':' + signature + ':' + nonce + ':' + timestamp;
    return authHeader;
}
postman.setEnvironmentVariable('hmacAuthHeader', getAuthHeader(request['method'], request['url'], request['data']));


Step 3: Make an API Call

To learn about the different calls that you can make, see Armor API Guide.


Related Documentation 




Was this helpful?
Rate Macro
themedivs

Scrolltotopmobi