Generating HMAC Authentication Header for Focus-Link Access
****3/19/2020****
THIS AUTHENTICATION METHOD HAS BEEN DEPRECATED. REFER TO USING BASIC AUTHENTICATION FOR ALL FocusLink AUTHENTICATION
Click here for information on FocusLink Basic Authentication
Background
Each Focus-Link Integrator requires a separate and unique HMAC based Authentication value for each Focus-Link equipped store that they will be accessing. This Authentication value is unique for each store, based on the storeKey.
Each Integrator will be provided a License Key and a License Signature which will remain the same throughout the Integrator's life with Focus.
Once obtained & calculated all RESTful calls to the Focus API will require that the HMAC Authentication Token be passed in the request header as the "authorization" header.
Obtaining your License Key and License Signature
Integrators must register with Focus POS Systems to obtain access to the Focus-Link API stack. Visit Focus POS Systems Contact Us to request Integrator Access.
Note - depending on the restaurant's Focus license additional fees for API access may be incurred by the restaurant.
Once registered with Focus POS Systems as an integrator, you will be provided with two up to 40 character string values:
- License Key
- License Secret
Using a storeKey
Each restaurant ("store") has a unique up to 6 digit storeKey that remains the same throughout that store's life with Focus*. The storeKey is a vital component of the Focus-Link Authentication scheme.
The store, Focus POS Systems or the Store's Focus POS Dealer can provide you, the Integrator, with the storeKey for a particular licensed store.
Note - not all Focus POS equipped restaurants are licensed for API access. Additional fees for API access may be incurred by the restaurant.
Generating HMAC Authentication Value
- Using the secretKey create a HMAC-SHA256 hash.
- With the secretKey-based hash, compute a byte-array signature of the licenseKey:storeKey
- Example: 1234567891011121314:7166
- Using the byte-array calculated in Step 2, concatenate the following: "hmac " + licenseKey + ":" + Base 64 Encoded String of the signature (Step 2) + ":" + storeKey
- Example: hmac 1234567891011121314:amtsYWRqZmxrYWpkbGZramFkbGtmamVsa3RqNA==:7166
The below code example is using C#
private static string calculateHmac(int venueKey)
{
string licenseKey = "<Your license key string here>";
string secretKey = "<Your license secret string here>";
HMACSHA256 hash = new HMACSHA256(Encoding.Default.GetBytes(secretKey));
byte[] signature = hash.ComputeHash(Encoding.Default.GetBytes($"{licenseKey}:{venueKey}"));
return $"hmac {licenseKey}:{Convert.ToBase64String(signature)}:{venueKey}";
}
Comments
0 comments
Please sign in to leave a comment.