Payload HMAC

If the desired endpoint requires a Hash-based Message Authentication Code (HMAC) of the payload they receive to verify authenticity, you may generate the hash value by constructing your Detokenize payload, adding your HMAC key in a header called TX_HMACKey, and posting it to the environment-appropriate URL listed below.





TX_HMACKey header value must be base64 encoded.

Our system will detokenize the payload, then generate an HMAC of the payload in its entirety using the hashing algorithm specified in the Type querystring parameter and the TX_HMACKey header. Acceptable Type values are:

  • HMACSHA256
  • HMACSHA384
  • HMACSHA512

Results will be returned in both the body and the headers of the Response.

tx_hashValueHashValueThe HMAC of the detokenized payload
tx_refNumberRefNumberThe TokenEx Reference Number for the transaction