Bringg

Authentication

Bringg support a simple private-public key authentication scheme. Once you have your developer ID, you will receive two keys: your access key (which is your public key) and your secret key. Keep the secret one out of sight - using those two keys will allow anyone to masquerade as you.

How to sign my requests?

Once you have your request ready, add two parameters to your array:

  • timestamp = the current time in unix format
  • access_token = the public key you have been given

Take this new list (which has at least 2 parameters one) and URL encode it, and sign the result using an HmacSHA1 mechanism with your private key. The result of this signing process is another key: add it to your original parameters list with the signature key.

Example

This example is taken from our Ruby client implementation. You can also look at the Javascript or PHP examples. for additional help or ask us to help with your own technology.
You can also use our Tester to verify your signature

Given access key of "12345" and private key of "67890", when trying to create a task giving the following parameters:

  • customer_id: 174
  • title: "this is just a test"
params = {"customer_id" => 174, "title" => "this is just a test"}
params[:timestamp] ||= Time.now.to_i
params[:access_token] ||= "12345"
var params = JSON.parse('{"customer_id": 174, "title": "this is just a test"}');
params.timestamp = Date.now();
params.access_token = "12345";
<?php

  $data = array(
      'customer_id' => 174,
      'title' => "this is just a test"
  );
  $data["access_token"] = "12345";
  $data["timestamp"] = date('Y-m-d H:i:s');

?>

Make the parameters into a query string:

query_params = params.to_query
params.merge(signature: OpenSSL::HMAC.hexdigest("sha1", "67890", query_params))
var query_params = '';
for (var key in params) {
    var value = params[key];
    if (query_params.length > 0) {
      query_params += '&';
    }
    query_params += key + '=' + encodeURIComponent(value);
}
params.signature = CryptoJS.HmacSHA1(query_params, "67890").toString();
<?php

  $secret_key = "67890";
  $query_string = http_build_query($data);
	$signature = hash_hmac("sha1", $query_string, $secret_key);
	$data["signature"] = $signature;

?>

And that's all you need!