Enable/Update HMAC

This endpoint should not be consumed before every request that needs HMAC security. It should be consumed when there is no active traffic between us and the site. Failure to do this may create a race condition on active requests that require HMAC security, and these requests may result in an HMAC errorHmacDoesNotMatch error.

Enabling / Updating HMAC Security API Endpoint

PUT https://api-prod.alfa-instap-cpt.uk/secpub/hmac

This operation enables or updates HMAC security for the customer.

When there is no secret, this request will initialize it. Otherwise, it will update the existing HMAC secret.

Headers

Name

Type

Description

content-type*

string

application/json

x-api-key*

String

Replace your API key

Request Body

Name

Type

Description

hmacSecret*

string

The secret MAC to sign the payloads. It is a good idea to use UUID v4 when generating a safe MAC.

The system successfully saves HMAC's secret and enables HMAC for the customer.

Example

curl --request PUT \
  --url https://api-prod.alfa-instap-cpt.uk/secpub/hmac \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: YOUR-API-KEY' \
  --data '{
	"hmacSecret": "020194f9-8c09-42ed-9b8d-23fc777990fc"
    }'

PreviousAPI Security NextOverview

Last updated 11 months ago

hashtagEnabling / Updating HMAC Security API Endpoint

hashtagHeaders

hashtagRequest Body

hashtagExample

Enabling / Updating HMAC Security API Endpoint

Headers

Request Body

Example