Skip to main content

Request URL

https://user.pmock.com/api

Authentication

To authenticate with our API, you need to include two headers in your requests:
  1. pmock-access-key: Your access key
  2. pmock-access-token: A signature generated using HMAC-SHA256
The signature is generated by:
  • timestamp = The current second level timestamp is rounded down to an integer multiple of the entire minute
  • accessKey:timestamp = To be encrypted string
  • Using the HMAC-SHA256 algorithm, encrypt the encrypted string using the secretKey as the key,Convert the encrypted result to a base64 string

Java Signature Generation Example

public static String generateSignature(String accessKey, String secretKey)
        throws NoSuchAlgorithmException, InvalidKeyException {

    // Get the current timestamp
    long currentTime = Instant.now().getEpochSecond();
    long timestamp  = currentTime - (currentTime % 60);

    // Build a string to be signed
    String stringToSign = accessKey + ":" + timestamp;

    // Sign with HMAC-SHA256
    Mac sha256HMAC = Mac.getInstance("HmacSHA256");
    SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
    sha256HMAC.init(secretKeySpec);

    byte[] hash = sha256HMAC.doFinal(stringToSign.getBytes(StandardCharsets.UTF_8));

    // Convert byte array to base64 string
    return Base64.getEncoder().encodeToString(hash);
}