website logo
⌘K
Getting Started
Introduction
Basic Concepts
Opening an Account
Creating & Configuring Products
Integrating SDK and Configuring License Fulfillment
Activate a Key-Based License
Vendor Platform
Issuing New Licenses
License Detail View
Order Detail View
Customer Detail View
Metadata
Analytics
Settings
Product Configuration
Product Features
Product Custom Fields
Product Versioning
License Policies
Product Bundles
License Entitlements
License Types
Activations & Device Transfers
Features
Custom Fields
License Start Date
License Note
Maintenance Period
Trial Licenses
Floating Licenses
License Activation Types
Portals
End-User Portal
Offline Portal
Air-Gapped Portal
License API
License API Authorization
License Activation/Deactivation
License Check
Consumption
Floating
Trial Key
Product Details
Device Variables
Changing Password
Management API
Making API Requests
Management API Authorization
Customer
Product
Order
License
Device
Analytics
SDKs
Tutorials
.NET/C# SDK
.NET/C# Management SDK
C++ SDK
Java SDK
Python SDK
Go SDK
Delphi SDK
Swift/Objective-C SDK
Android SDK
Unity SDK
Errors and Response Codes
Floating Server
API Reference
Deployment
Configuration
Floating Server UI
Securing the Server
Whitelabeling
FAQ
Floating Server Changelog
Integrations
Salesforce
FastSpring
Stripe
Shopify
Common Scenarios
Single Sign On (SSO)
Glossary
General
SDK Glossary
Vendor Platform
Product Configuration Glossary
License Configuration
Postman Collections
Frequently Asked Questions
Changelog
License API changelog
Platform changelog
Docs powered by
Archbee
License API

License API Authorization

2min

Server requests need to be authenticated and validated for their integrity, which is achieved by signing each request.

The signature, a unique representation of the request, is included as a parameter in the authorization header. This signature is a product of a specific algorithm applied to the request parameters, resulting in a unique string called the canonicalized signing string.

Each request from the client needs to have at least the following headers

1

Date (e.g. Date: Tue, 07 Jun 2014 20:51:35 GMT)

2

Authorization

  • algorithm="hmac-sha256"
  • headers="date"
  • signature="Base64(RSA-SHA256(signing_string))"
  • apikey="string"

Server will not accept requests where date header is set to past time.



Updated 15 Sep 2023
Did this page help you?
PREVIOUS
License API
NEXT
Signature
Docs powered by
Archbee
Docs powered by
Archbee