You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »


You can use the API tokenization feature in the Armor Management Portal (AMP) to create an API key. This key will help you log into the Armor API system. 

Step 1: Create an API key

Error rendering macro 'excerpt-include'

No link could be created for 'Create an API (snippet)'.

Step 2: Authenticate into the Armor API system

  1. In your Postman application, create a new GET request with the following endpoint:
  2. Click Headers
  3. Under Key, select Authorization
  4. In Value, enter {{hmacAuthHeader}}.
  5. Under Key, select Content-Type
  6. In Value, enter application/json
  7. In Body, enter your IP address. 
  8. Click Pre-request Script
  9. Enter the script below with the following updated parameters: 

Enter the Key ID generated from AMP.

In the example below, replace <use the api key id> with your key ID.


Enter the Secret Key generated from AMP.

In the example below, replace <use the secret key> with your secret key.


Enter a unique ID.

  • This ID cannot be longer than 128 characters.
  • This ID cannot contain a colon ( : ). 
timestampEnter a Unix time stamp within 5 minutes of the current time.
function getPath(url) {
    var pathRegex = /.+?\:\/\/.+?(\/.+?)(?:#|\?|$)/;
    var result = url.match(pathRegex);
    return result && result.length > 1 ? result[1] : '';
function getQueryString(url) {
    var arrSplit = url.split('?');
    return arrSplit.length > 1 ? url.substring(url.indexOf('?')+1) : '';
function getAuthHeader(httpMethod, requestUrl, requestBody) {
    *var APP_ID = '<use the api key id>';*
    *var SECRET_KEY = '<use the secret key>';*
    var AUTH_TYPE = 'ARMOR-PSK';
    var requestPath = getPath(requestUrl).replace('https', 'http');
    var queryString = getQueryString(requestUrl);
    if (httpMethod == 'GET' || !requestBody) {
        requestBody = '';
    } else {
        requestBody = requestBody.toString();
        requestBody = CryptoJS.enc.Base64.stringify(CryptoJS.SHA512(requestBody));
    var timestamp = Math.round(new Date().getTime() / 1000);
    var nonce = timestamp;
    var requestData = [APP_ID, httpMethod, requestPath, nonce, timestamp, requestBody].join("");
    var mac = CryptoJS.HmacSHA512(requestData, SECRET_KEY);
    var signature = CryptoJS.enc.Base64.stringify(mac);
    var authHeader = AUTH_TYPE + ' ' + APP_ID + ':' + signature + ':' + nonce + ':' + timestamp;
    return authHeader;
postman.setEnvironmentVariable('hmacAuthHeader', getAuthHeader(request['method'], request['url'], request['data']));

Step 3: Make an API Call

To learn about the different calls that you can make, see Armor API Guide.

Related documentation 

  • To learn about the different calls that you can make, see Armor API Guide.
  • To learn how to create an API key or to learn a different way to access the Armor API system, see Log into Armor API.