Tweet
Hi all,
Did anyone manage to authenticate using HMAC with an ApiUser ? I could do it with username & password (for a regular User) and with apiKey (for ApiUser) but I can't figure out how to do it with HMAC.
I followed the instruction in the doc https://www.espocrm.com/documentation/development/api/
and used this API client as a basis https://www.espocrm.com/documentatio...client-python/
but something is off, my code generates the header, I hash the secret with the message as explained in the doc and I encode it base64 with no errors. But espoCRM refuses the request by saying the credentials are incorrect.
Here is a part of code I use to generate the header which seems not to be accepted by espoCRM :
Regards
Did anyone manage to authenticate using HMAC with an ApiUser ? I could do it with username & password (for a regular User) and with apiKey (for ApiUser) but I can't figure out how to do it with HMAC.
I followed the instruction in the doc https://www.espocrm.com/documentation/development/api/
and used this API client as a basis https://www.espocrm.com/documentatio...client-python/
but something is off, my code generates the header, I hash the secret with the message as explained in the doc and I encode it base64 with no errors. But espoCRM refuses the request by saying the credentials are incorrect.
Here is a part of code I use to generate the header which seems not to be accepted by espoCRM :
Code:
import requests
import base64
import hmac
import hashlib
headers = {}
hmac_str = hmac.new(key=secret_key.encode(), msg=(method + ' /' + action).encode(), digestmod=hashlib.sha256).hexdigest()
auth_str = api_key + ':' + hmac_str
headers['X-Hmac-Authorization'] = base64.b64encode(auth_str.encode())
Comment