Generating the Authentication Key
The Authentication Key is a Base64-encoded Hash-based Message Authentication Code (specifically HMAC-SHA256) to be generated on your server (not on a mobile device), using your Client Secret Key (available in the Customer Portal), and a pipe-delimited concatenated string consisting of the TokenEx ID, Timestamp, and either the Token or TokenScheme depending on which function you intend to call (see the Examples section for each respective endpoint).
Note
The Authentication Key is only valid with a timestamp less than 20 minutes old.
Example C# HMAC Generation
private string GenerateHMAC(string concatenatedInfo, string clientSecretKey)
{
var result = string.Empty;
var hmac = new System.Security.Cryptography.HMACSHA256();
hmac.Key = System.Text.Encoding.UTF8.GetBytes(clientSecretKey);
var hash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(concatenatedInfo));
result = Convert.ToBase64String(hash); // Ensure the string returned is Base64 Encoded
return result;
}
HMAC Construction - Tokenize & TokenizeWithCVV & Bin Lookup
TokenEx ID: YourTokenExID
Timestamp: 20180109161437
Token Scheme: sixTOKENfour
Client Secret Key: TEST
Concatenated String: 123456789987654321|20180109161437|sixTOKENfour
Authentication Key: 3mHJFag1ICQiwRdSw1QY86WUvt3IDklswf6AA/q+wdU=
HMAC Construction - TokenizeCVV
TokenEx ID: YourTokenExID
Timestamp: 20180109161437
Token: 545454587415454
Client Secret Key: TEST
Concatenated String: 123456789987654321|20180109161437|545454587415454
Authentication Key: 26WAwVdSeLl3baTY8/uOJ9A/Ljc7/TCDbMnadJ4fOqc=
Updated 7 months ago