All calls to Tipalti's API web service carry an encryption key. Every request to Tipalti must contain authentication information to establish the identity of the organization making the request. The authentication process is accomplished by signing the headers using a calculated signature [hmac] (Hashkey).
There are 4 steps in which the signature is calculated:
-
An authentication string, which contains
-
- Payer name [PayerName]
- Payee ID [idap] (for payee functions)
- Unix Timestamp [now] (UTC time)
-
- Add any EAT parameters(based on function) to the authentication string. Each function has listed its EAT parameter.
- UTF-8 encode the authorization string
- Encrypt the authorization string with the private API key using HMACSHA256
Example of hmac calculation for Payer APIs - ProcessPayments using Python (No EATparameter)
# Import Libraries
import math
import time
import hmac
import hashlib
#Step 1 & 2 - Set variables, Payer Name and Private Key
PayerName = "YOUR-PAYER-API"
api_key = "YOUR-API-KEY"
#Calculate the time stamp
now = str(math.floor(time.time()))
#Define authentication string
auth_str = PayerName+now
#auth_str = PayerName+now+paymentGroupTitle if EAT is passed
#Step 3 - Encode the authentication string
auth_str.encode(encoding = 'UTF-8')
#Step 4 -Encrypt the authentication string and private key with SHA256
key = hmac.new(api_key.encode(), auth_str.encode(), hashlib.sha256).hexdigest()
#If using EAT parameter, define authentication string as:
""""
EATparameter = 'Enter Value'
auth_str = PayerName+now+EATparameter
""""