API keys
Use API keys to authenticate API requests.
BanQ authenticates your API requests using your service's API keys.
If a request doesn't include a signature, BanQ returns an URL signature error.
If a request includes an invalid signature, BanQ returns a header signature error.
You can create API keys with the following instruction
RSA-2048 key pair
Create key pair
Create RSA-2048 key pair for your service.
mkdir pk
openssl genrsa -out pk/gen.private.key 2048
openssl rsa -in pk/gen.private.key \
-outform PEM -pubout -out pk/gen.public.pem
Usage
Private
pk/gen.private.key
On the server side: Use this key to authenticate your API request. Don't expose this key.
Public
pk/gen.public.pem
Provide this key for other service to verify API request (signed with the private key). Can be publicly accessible.
Authenticate API request
Using Shell Command
Generate signature of the message with your key
openssl dgst -sha256 -sign pk/gen.private.key msg > sig
Fill base64 encoded signature in request header as
X-Signature
cat sig | base64
Using JavaScript
function sign(privatekey, msg) {
var rsa = new RSAKey();
rsa.readPrivateKeyFromPEMString(privatekey);
let hSig = rsa.sign(msg, "sha256");
let b64 = btoa(hSig.match(/\w{2}/g).map(function (a) { return String.fromCharCode(parseInt(a, 16)); }).join(""))
return b64
}
Verify API request
base64 decode the signature from request header
echo BASE64_ENCODED_SIG | base64 -d > sig
Verify signature
openssl dgst -sha256 -verify pk/gen.public.pem -signature sig msg
Last updated