Hi, I’m trying to request an API configured with HMAC Authorization and I create the following postman pre-request script, not sure what is wrong but I never got success:
var origin = "http://www.mysite.com";
var hmacSecret = "my hmac";
var secretId = "my secret id";
var target = "/myendpoint"
var headers = ["Date","origin"];
var tim = new Date().toUTCString();
pm.request.headers.add({
key: headers[0],
value: tim
});
pm.request.headers.add({
key: headers[1],
value: origin
});
// Prepare the signature string to include those headers
var signatureString = target+": get /" + "\n";
signatureString += headers[0]+":" + tim + "\n";
signatureString += headers[1]+":" + origin;
// SHA1 Encode the signature
var key = CryptoJS.enc.Utf8.parse(hmacSecret);
var hash = CryptoJS.HmacSHA256(signatureString, key);
var sigString = CryptoJS.enc.Base64.stringify(hash);
var headersString = headers.join(" ");
// Add the header
pm.request.headers.add({
key: 'Authorization',
value: 'Signature keyId="'+secretId+'",algorithm="hmac-sha256",headers="'+ target +' '+ headersString +'",signature="' + sigString + '"'
});
If someone has a hmac configuration, could you please help me to check what is wrong?