Authentication
Deeple uses API keys to authenticate requests. You can view and generate your secret keys in Open api configuration page.
Authentication method
API makes use of HMAC (SHA256) as authentication method
Other systems will have to provided PID (project's id), SECRET and timestamp for generating a signature (Hashed HMAC).
Every request requires signature to be attached in request headers.
Signature
How to generate signature
| Description | |
|---|---|
| SECRET | API Secret (retrieved from Open api configuration) |
| BODY | Your request body in JSON string |
| METHOD | Http method for given API request (GET, POST, PUT, DELETE) |
Example
How to generate signature in Javascript
const SECRET = "__SECRET__";
const timestamp = new Date().getTime().toString();
// The timestamp is valid for 5 minutes from the current time.
// => '1608016559719'
const httpMethod = "POST";
const method = httpMethod.toUpperCase();
const stringifiedBody = JSON.stringify(req.body || {}); // Default to empty object, if request does not have any body
const rawSignature = `${method}\r\n${timestamp}\r\n${stringifiedBody}`;
// => 'POST\r\n1608016559719\r\n{}'
const signature = createHmac("SHA256", SECRET)
.update(rawSignature)
.digest("hex");
// => '724f97f6bade275634d1f81cdd42fd5977e5b5f0e5eecd91e10df93a47e9a49c'
Headers
Every request must include following headers
| Description | |
|---|---|
| PID | Your project id |
| TIMESTAMP | timestamp on request |
| SIGNATURE | Your hash signature |
x-deeple-pid: <PID>
x-deeple-signature: <SIGNATURE>
x-deeple-timestamp: <TIMESTAMP>
Example
{
'x-deeple-pid': '5'
'x-deeple-signature': '724f97f6bade275634d1f81cdd42fd5977e5b5f0e5eecd91e10df93a47e9a49c'
'x-deeple-timestamp': '1608016559719'
}
Reference
- Example on how to create HMAC256 on various languages link
- Example on how to create HMAC256 in repository on various languages link
Remarks
Please keep in mind that in order to use Deeple API. If you have further questions, please contact sales@deeple.ai