Generating the Signature

The signature is built by applying a keyed-HMAC (Hash Message Authentication Code) on parameter string prefixed by the REST API path. The secretKey is provided as a parameter to the keyed-HMAC method. For each field-value pair (as separated by a '&') in the Parameter String, URL, encode each value so that it can be safely sent via HTTP GET.

Note: Make sure all spaces are encoded as "%20".

1. Make the entire Parameter String in lowercase and sort it alphabetically via the field for each field-value pair.


2. Prefix the parameter string with the REST API path as shown below:


3. Take the prefixed Parameter String and run it through the HMAC SHA-1 hashing algorithm with the user's Secret Key. After reconstructing, the final URL appears as follows:


Sample Code to Generate Signature

public String signRequest(String parameterString, String SecretKey) { 
try { 
Mac mac = Mac.getInstance("HmacSHA1"); 
SecretKeySpec keySpec = new SecretKeySpec(SecretKey.getBytes(), "HmacSHA1"); 
byte[] encryptedBytes = mac.doFinal(); 
return URLEncoder.encode(Base64.encodeBytes(encryptedBytes), "UTF-8"); 
} catch (Exception ex) { 

return null; 

Have more questions? Submit a request