Generate HMAC Signature

Steps

1. Create the string to sign

Combine the following elements in this order:

METHOD + PATH + QUERY_STRING + TIMESTAMP + BODY

2. Calculate HMAC-SHA256

Use your hmacSecret key to calculate the signature:

Calculate Signaturejavascript

const crypto = require('crypto');

const signature = crypto
.createHmac('sha256', hmacSecret)
.update(stringToSign)
.digest('hex');

3. Add the header

Add the signature to the request header:

X-Awal-Signature-256: sha256={signature}

Complete JavaScript Example

Complete Examplejavascript

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
const crypto = require('crypto');

function generateSignature(method, path, queryString, timestamp, body, hmacSecret) {
// Build the string to sign
const stringToSign = `${method}${path}${queryString}${timestamp}${body}`;

// Calculate the signature
const signature = crypto
  .createHmac('sha256', hmacSecret)
  .update(stringToSign)
  .digest('hex');

return `sha256=${signature}`;
}

// Usage example
const method = 'POST';
const path = '/w/message/text';
const queryString = '?phone_number_id=123';
const timestamp = Math.floor(Date.now() / 1000);
const body = JSON.stringify({ 
phone: '96650000000', 
body: 'Hello' 
});
const hmacSecret = 'your-hmac-secret';

const signature = generateSignature(
method,
path,
queryString,
timestamp,
body,
hmacSecret
);

console.log('Signature:', signature);

← Back to Authentication

View Guide

Generate HMAC Signature

Generate HMAC Signature

Steps

Complete JavaScript Example

Related