Document toolboxDocument toolbox

Authorizing Relay API requests

Owned by Juan Tomás Alonso Nieto (Deactivated)
Sept 08, 2022
1 min read

All Relay API requests must be authorized using an HMAC256 signature. The headers required to authorize your requests are:

Header

Value

Description

Header

Value

Description

x-logtrust-apikey

Domain API key

The domain API key. Learn more about Devo access keys (API key and API secret) in Security credentials.

x-logtrust-sign

HMAC SHA-256 (API key + body message + x-logtrust-timestamp, API secret)

Signed body as a HMAC SHA-256 using the API secret to sign the concatenation of the API key + body message + timestamp encoded as an hexadecimal string. If the request has an empty body message, the sign will be the concatenation of the API key + timestamp

If the signature is not valid, the server will return a 401 Unauthorized HTTP Status error

x-logtrust-timestamp

Current timestamp in milliseconds

The request timestamp, as an epoch in milliseconds.

Â