Authentication

The following authentication method is only needed if you are not using one of the provided client libraries.

To authenticate a request you must include an authorization header, including your auth id and request signiture in base64 encoding. To create the request signature you must first create a data string containing all request parameters. Then using your secret access key provided on sign up, calculate the HMAC of the data string using the HMAC-SHA1 algorithm. Once you have your generated HMAC you must create a authorization header by encoding your provided AuthID and your generated HMAC in base64.

Example

Desired Request: 
GET https://api.bananatag.com/tags?start=2013-10-20&end=2013-11-30
Building Signiture
  1. Build Data String: start=2013-10-20&end=2013-11-30&cursor=0
  2. Generate Signature using HMAC-SHA1 Algorithm:
    • Using "hex" encoding
    • Using secret access key as the HMAC key
    • Using generated data string as HMAC message
  3. Authorization Header: authorization: base64('your AuthID' : 'generated HMAC')