DMDS API
Section: Help: Authenticating Requests Using the REST API
When accessing DMDS API using REST, you must provide the following items in your request so the request can be authenticated:
Request Elements
- DMDS Access Key Id (API Key) — It is the access key id of the identity you are using to send your request.
- Signature — Each request must contain a valid request signature, or the request is rejected.
- A request signature is calculated using your Secret Access Key, which is a shared secret known only to you and DMDS.
- Time stamp — Each request must contain the date and time the request was created, represented as a string in UTC.
Following are the general steps for authenticating requests to DMDS API. It is assumed you have the necessary security credentials, Access Key ID/API Key and
Secret Access Key.
Explanation of Steps 1 - 3
| STEP 1 |
Construct a request to DMDS API |
| STEP 2 |
Calculate signature using your Secret Access Key |
| STEP 3 |
Send the request to DMDS API. Include your Access Key ID/API Key and the signature in your request. DMDS performs the next 3 steps. |
Explanation of Steps 4 - 6
| STEP 4 |
DMDS API uses the Access Key ID/API Key to look up your Secret Access Key |
| STEP 5 |
DMDS API calculates a signature from the request data and the Secret Access Key/API Key using the same algorithm you used to calculate the
signature you sent in the request.
|
| STEP 6 |
If the signature generated by DMDS API matches the one you sent in the request, the request is considered authentic. If the comparison fails, the request is discarded,
and DMDS API returns an error response.
|
|
