GlossarySupport

Authentication

Suggest Edits
Services APISubscriptions APITransactions APIAuthenticationUnsubscribe APIBlacklist API

In order for your API requests to work, You need to send Authentication Header in every request.

It consists of 3 separate headers with their respective parameters:CENTILI-ACCESS-USER (user name provided by Centili), CENTILI-ACCESS-SIGN (read bellow how to make it) and CENTILI-ACCESS-TIMESTAMP (UTC time from EPOCH).

Authentication headersvalues
CENTILI-ACCESS-USERusername
CENTILI-ACCESS-SIGNqwejsjkf12313jlsdfj
CENTILI-ACCESS-TIMESTAMP1504886245

How to construct "sign" parameter

1. Concatinate parameters:
Timestamp + Method + Request path + Body

2. Hash whole string with SHA1 with a secret key provided by Centili.

TimestampMethodRequest pathBody
1504886480


*will be valid 60 seconds after that exact time 		POST
or
GET		https://api.centili.com/v1/services


*including query parameters 		{
"serviceKey":"2ea0e6c989b433d6c591633f91c67e07",
"optInTrid":"4970484531",
"msisdn":"66876696573"
}

So, there are 2 things which Centili needs to provide:

  • username for Authentication Header
  • secret key for encryption

Updated over 6 years ago