Authentication
This section is intended to describe authentication way to interact with SwiftFederation LSDN APIs.
Authorization Header and Format
- Authorization Header Definition
Field | Description |
---|---|
signatureAlgorithm | Signature Algorithm. E.g. HMAC-SHA256 |
accessKeyId | Access key id that is assigned to customer to call APIs. |
signature | Signature is the string which is signed based on request headers, request path, request method, access key ID and request body with access key secret. Please refer to “Signature Algorithm”. |
- Authorization Header Format
Authorization:${signatureAlgorithm} ${accessKeyId}:${signature}
Signature Algorithm
- Populate signing string
${HTTPMethod}+"\n"+${URI}+"\n"+${x-sfd-date}+"\n"+${x-sfd-nonce}+"\n"+${accessKeyId}+ "\n"+${requestBody}
e.g.
POST\n/v1.0/report/bandwidth\n20180330T200550Z\n90355\nlsdn123456\n{"domains":["www.example1.com","www.example2.com"],"startTime":"2018-03-29T17:35:00Z","startTime":"2018-03-29T 17:45:00Z"}
Note: Request method should be converted to uppercase, e.g. POST
- Generate Signature
Calculate signature of signing string by using HMAC-SHA256 algorithm with access key secret. And then use hex to encode signature to string.
byte[] signatureBytes = hmacSha256(${accessKeySecret}, ${signingString});
String signature = Hex.encodeHex(signatureBytes);