Access the Armor API System via an API token
You can use the API tokenization (C#) feature in the Armor Management Portal (AMP) to create an API key. This key will help you log into the Armor API system.
Step 1: Create an API key
When you create an API Key, you will generate a Secret Key. This key does not expire; you must securely store this key because Armor cannot retrieve this key for you.
If you lose the Secret Key, then you must delete the corresponding API Key in AMP. Afterwards, you must create a new API Key.
Armor cannot retrieve your Secret Key.
In the Armor Management Portal (AMP), in the left-side navigation, click Account.
Click Users.
Click API Keys.
Click the plus icon.
Enter a descriptive name, and then click Create Key.
Copy the Key ID and Secret Key.
Click Close.
The API Keys table will display a new entry.
Step 2: Authenticate into the Armor API system
To authenticate, you need to build a header with the following components:
Parameter | Description |
|---|---|
apiKey | Enter the Key ID generated from AMP. In the example below, replace use the api key id with your key ID. |
secretKey | Enter the Secret Key generated from AMP. In the example below, replace use the secret key with your secret key. |
nonce | Enter a unique ID.
|
requestPath | |
requestBody | |
timestamp | Enter a Unix time stamp within 5 minutes of the current time. |
httpMethod | Enter GET or POST. |
For all v2 API's, the request body should be empty.
using System;
using System.Security.Cryptography;
using System.Text;
public static class AuthHeaderHelper
{
/// <summary>
/// The following function creats the needed authentication header to work for ApiToken
/// HttpRequestMessage.Headers.Authorization = new AuthenticationHeaderValue("ARMOR-PSK", authValue)
/// </summary>
/// <param name="apiKey">Unique Id created by the customer</param>
/// <param name="secretKey">The secret key generated by the customer.</param>
/// <param name="requestPath">absolute path: Example: /accounts/2</param>
/// <param name="requestBody">Request body applies.</param>
/// <param name="httpMethod">Http Method: GET, POST, ...</param>
/// <returns>string auth header Example: 'ARMOR-PSK apiKey:signature:nonce:unixTime'</returns>
public static string CreateAuthorizationHeader(string apiKey, string secretKey, string requestPath, string requestBody, string httpMethod = "GET")
{
var requestContentBase64String = string.Empty;
var AUTH_TYPE = "ARMOR-PSK";
var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
var nonce = timestamp;
var requestData = apiKey + httpMethod + requestPath + nonce + timestamp + requestBody;
byte[] mac;
using (var hmac = new HMACSHA512(Encoding.UTF8.GetBytes(secretKey)))
{
mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(requestData));
}
var signature = Convert.ToBase64String(mac);
var authHeader = AUTH_TYPE + ' ' + apiKey + ':' + signature + ':' + nonce + ':' + timestamp;
return authHeader;
}
}
Step 3: Make an API Call
To learn about the different calls that you can make, see Armor API Guide.
Related Documentation
To learn about the different calls that you can make, see Armor API Guide.
To learn how to create an API key or to learn a different way to access the Armor API system, see Pre-Shared Key Authentication Method.