Forum Documentation Showcase Pricing Learn more

Generate SHA256 hash for API-token

Hello!

I am trying to implement an identity verification provider through their API.
One of the headers in the API call is an API token that is generated by using my API-key and timestamp as input for an SHA256 hash.

If the token could be generated just once I could easily find somewhere to generate it, but since it includes a time stamp it will have to be recreated for every api call.
I think I could connect to an API that could generate the hash and send it back to bubble, but I haven’t found a provider of this yet.

Does anyone have any experience with this?

1 Like

@pnodseth were you successful in finding a provider online? Everything I’ve come across talks about generating it on your own server with php, C#, etc.

Ok, so one possibility that might allow us to create an API to call and return an HMAC-SHA256 is using AWS Lambda and AWS API Gateway:


We could possibly build our own API that allows us to connect to NodeJS and perform the encryption.

Some further reading that may be helpful:


https://www.robertkehoe.com/2013/10/generating-aws-hmac-in-nodejs/

Yes, I think this would also be possible using node.js and Webtask.io as well.

I have created some simple APIs using node packages before. There is one for generating hashes so should be possible.

I saw webtask.io in my search also, but wasn’t sure if you could create an API to call it. My use case is connecting to Amazon to return products and the last part of their API requires combining all of the previous key/values and generating a HMAC-SHA256 code as the last key called Signature. So I was thinking I could call another API, send it all of the key/values to generate the Signature value.

webstask.io is just an API with some nodejs in it.

You pass parameters, get stuff back…

Here is one that just parses a text to a numeric.

https://webtask.it.auth0.com/api/run/wt-nigel_godfrey-gmail_com-0/parsefloat?string=0123.41

Unfortunately, Windows 10 needed reinstalling, so all my node stuff will need to be rebuilt.

You can use the plugin ToolBox. It’s got a workflow action called ‘Server script’, with which you can use Node.js’s built-in modules ‘crypto’ and ‘buffers’:

var crypto = require('crypto')
                  , text = 'I love cupcakes'
                  , key = 'abcdeghi'
                  , hash;

var hash = crypto.createHmac('sha256', key).update(text).digest('hex');

var base64 = Buffer.from(hash).toString('base64');