Calculation of Signature

Here is a great doc on the Request Signature that will help.

Alternatively here is our sample Postman Collection that you can download and look at the Pre-request Script.

var timestamp = (Math.floor(new Date().getTime() / 1000) - 10).toString();
postman.setGlobalVariable("rapyd_request_timestamp", timestamp);

var signature_salt = CryptoJS.lib.WordArray.random(12);
postman.setGlobalVariable("rapyd_signature_salt", signature_salt);

var body = '';
if (JSON.stringify(request.data) !== '{}' && request.data !== '' && typeof request.data !=='object' ){
body = JSON.stringify(JSON.parse(request.data));
}

var secret = pm.environment.get('rapyd_secret_key');
var to_sign = request.method.toLowerCase() + request.url.replace('{{base_uri}}','/v1') + signature_salt + timestamp + pm.environment.get('rapyd_access_key') + secret + body;

console.log("to_sign " + to_sign);
var rapyd_signature = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA256(to_sign, secret));
rapyd_signature = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(rapyd_signature));
console.log("rapyd_signature " + rapyd_signature);
postman.setGlobalVariable("rapyd_signature", rapyd_signature);

Note the following points about the signature calculation:

  • There is no signature on the API response.
  • There is a small difference between the API request signature and the webhook signature: The HTTP method (get, post, put, delete) is present for the API request and not for the webhook.
  • You need to run some tests with your Base64 algorithm to determine whether you have all the right settings.
1 Like

Hi @Berenberfin,

If you have checked the signature request above,

You can follow some of these videos

or make sure you aren’t catching these mistakes

Here’s also our github you can use as well: