Enable/Update HMAC
This endpoint should not be consumed before every request that needs HMAC security. It should be consumed when there is no active traffic between us and the site. Failure to do this may create a race condition on active requests that require HMAC security, and these requests may result in an HMAC errorHmacDoesNotMatch error.
Enabling / Updating HMAC Security API Endpoint
PUT https://api-prod.alfa-instap-cpt.uk/secpub/hmac
This operation enables or updates HMAC security for the customer.
When there is no secret, this request will initialize it. Otherwise, it will update the existing HMAC secret.
Headers
content-type*
string
application/json
x-api-key*
String
Replace your API key
Request Body
hmacSecret*
string
The secret MAC to sign the payloads. It is a good idea to use UUID v4 when generating a safe MAC.
The system successfully saves HMAC's secret and enables HMAC for the customer.
HMAC secret must be at least 16 characters long and must be at most 64 characters.
{ message: 'Forbidden' }A firewall rule protects (IP Whitelist ) each and every one of our endpoints. You will receive this response if your endpoint is not on the white list.
Example
curl --request PUT \
--url https://api-prod.alfa-instap-cpt.uk/secpub/hmac \
--header 'Content-Type: application/json' \
--header 'x-api-key: YOUR-API-KEY' \
--data '{
"hmacSecret": "020194f9-8c09-42ed-9b8d-23fc777990fc"
}'Last updated
Was this helpful?