POST and GET requests to the Doshii Data API must be properly authenticated via an API key provided as the X-API-KEY HTTP header.
In order to successfully compute the value (hash) for the aforementioned API key you will need:
- Your app’s ID (partner app consuming the API),
- your app’s client ID,
- and your app’s client secret
All of these can be easily obtained from your App's landing page on the Doshii Dashboard.
You will need to calculate an HMAC-SHA256 of your client ID using your client secret as the secret for the hash. The resulting hash must be encoded to hexadecimal and be concatenated with your app’s ID, using a colon as the separator.
Set the resulting string as the value of the X-API-KEY HTTP header.
Here is some pseudo-code to obtain a valid hash:
appId = 17 clientId = d41d8cd98f00b204e9800998ecf8427e clientSecret = 111a0012caa3ac9fc3ecd86b58aa9d1f hmac = HMAC-SHA256(clientId).withSecret(clientSecret).toHex() auth = appId:hmac X-API-KEY = auth