The procedure for creating a signature for the SSOfy server can be summed up as follows:

  1. Combine all parameters of "query" and "form" into a single associative array.
  2. Sort recursively by keys.
  3. Iterate recursively through keys and merge values into a single linear string with no delimiters.
  4. Concat PATH + VALUES + SALT.
  5. Hash the concatenated string using the HMAC-SHA256 method.

Depending on the implementation, the recursive sort and value concatenation procedure may vary. Some programmers choose to do the recursive sort first before merging the results, while others may combine the two operations in a single iteration.

PATH is the path component of the URL, starting with /.

For instance, the path for a URL like https://api.ssofy.com/v1/authenticated/verify is:

/v1/authenticated/verify

📌 Info

When generating a signature for responses, the path is the handler endpoint (the current endpoint).

SALT should be a random string between 6 and 32 characters in length.

Here is a step-by-step breakdown of the sort and merge process:

Assuming we have a JSON payload like this:

{
    "b": "Red",
    "a": {
        "c": "Blue",
        "a": "Yellow",
        "b": "Green"
    }
}

The sorted object should resemble the following:

{
    "a": {
        "a": "Yellow",
        "b": "Green",
        "c": "Blue"
    },
    "b": "Red"
}

And here are the merged values:

YellowGreenBlueRed

Boolean values should be transformed into either 1 (true) or 0 (false).

Simple arrays should be considered index-associated since the iteration is over the keys of the array.

Example:

["A", "B", "C"]

=>

{
    0: "A",
    1: "B",
    2: "C"
}

Given the following parameters:

URL: https://api.ssofy.com/v1/signature-test?mood=happy&dummy=true

Data:
{
    "b": "Red",
    "a": {
        "c": "Blue",
        "a": "Yellow",
        "b": "Green"
    }
}

Secret: SECRET-BETWEEN-US

Salt: tUPDqF

Our signature can be produced as follows:

  1. Combine all parameters of "query" and "form" into a single associative array.

{
    "mood": "happy",
    "dummy": true,
    "b": "Red",
    "a": {
        "c": "Blue",
        "a": "Yellow",
        "b": "Green"
    }
}

  2. Sort recursively by keys.

{
    "a": {
        "a": "Yellow",
        "b": "Green",
        "c": "Blue"
    },
    "b": "Red",
    "dummy": true,
    "mood": "happy"
}

  3. Iterate recursively through keys and merge values into a single linear string with no delimiters.

YellowGreenBlueRed1happy

  4. Concat PATH + VALUES + SALT.

/v1/signature-testYellowGreenBlueRed1happytUPDqF

  5. Hash the concatenated string using the HMAC-SHA256 method.

49dfbcc23614133ad4823f8027cd3b583dcab0c811f2f844d84c2cf453987131

When including the signature in request or response headers, the format should be a base64 representation of a JSON object containing both hash and salt:

{
    "hash": "49dfbcc23614133ad4823f8027cd3b583dcab0c811f2f844d84c2cf453987131",
    "salt": "tUPDqF"
}

=>

Signature: ewogICAgImhhc2giOiAiNDlkZmJjYzIzNjE0MTMzYWQ0ODIzZjgwMjdjZDNiNTgzZGNhYjBjODExZjJmODQ0ZDg0YzJjZjQ1Mzk4NzEzMSIsCiAgICAic2FsdCI6ICJ0VVBEcUYiCn0=
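
The five steps and the header format above, together with the receiving side's check, as an added Python example (not SSOfy's own SDK code). The function names are hypothetical, and it assumes the shared secret is the HMAC key, that non-boolean scalars are signed in their string form, and that the query parameters arrive already typed as shown in step 1.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample: the inputs of the worked example on this page.
PATH = "/v1/signature-test"
QUERY = {"mood": "happy", "dummy": True}
FORM = {"b": "Red", "a": {"c": "Blue", "a": "Yellow", "b": "Green"}}
SECRET, SALT = "SECRET-BETWEEN-US", "tUPDqF"


def merge_values(node):
    """Steps 2-3: visit keys in sorted order and concatenate the leaf values."""
    if isinstance(node, dict):
        return "".join(merge_values(node[key]) for key in sorted(node))
    if isinstance(node, list):  # index-associated: visited in index order
        return "".join(merge_values(item) for item in node)
    if isinstance(node, bool):
        return "1" if node else "0"
    return str(node)  # assumption: other scalars are signed in string form


def sign(path, query, form, secret, salt):
    """Steps 1-5. Assumption: the shared secret is the HMAC key."""
    base = path + merge_values({**query, **form}) + salt
    return hmac.new(secret.encode(), base.encode(), hashlib.sha256).hexdigest()


def encode_header(digest, salt):
    """Base64 of the JSON object carrying hash and salt."""
    blob = json.dumps({"hash": digest, "salt": salt})
    return base64.b64encode(blob.encode()).decode()


def verify(header, path, query, form, secret):
    """Recompute the hash from the received salt; reject malformed headers."""
    try:
        claimed = json.loads(base64.b64decode(header, validate=True))
        digest, salt = claimed["hash"], claimed["salt"]
        if not (isinstance(digest, str) and isinstance(salt, str)):
            return False
        if not 6 <= len(salt) <= 32:  # salt length range stated on this page
            return False
        expected = sign(path, query, form, secret, salt)
        # Constant-time comparison avoids leaking how many characters matched.
        return hmac.compare_digest(expected.encode(), digest.encode())
    except (ValueError, KeyError, TypeError):
        return False
```

The receiver never trusts the hash in the header on its own: it takes only the salt from it, recomputes the hash over the path and parameters it actually received, and compares the two.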