REST API Authentication

REST API calls must be authenticated using a custom HTTP header: X-STRINGEE-AUTH or URL Parameter: access_token along with a JSON web token.

Create the JWT token (access_token) with format:

HEADER:
    {
        "typ": "JWT",
        "alg": "HS256",// only support HS256
        "cty": "stringee-api;v=1"
    }

PAYLOAD:
    {
        "jti": "SK...-...",//JWT ID
        "iss": "SK...",//API key sid
        "exp": ...,//expiration time
        "rest_api": true
    }

VERIFY SIGNATURE:
    HMACSHA256(
        base64UrlEncode(HEADER) + "." +
        base64UrlEncode(PAYLOAD),
        apiKeySecret
    )

The values:

    iss: API key SID generated by Stringee 
    jti: the identify of the token, can be generated by: apiKeySid_timestamp
    exp: the expired time of the token (in second)
    apiKeySecret: API key secret generated by Stringee

Sample request using X-STRINGEE-AUTH header:

POST /v1/ivrnode HTTP/1.1
Host: https://icc-api.stringee.com
X-STRINGEE-AUTH: YOUR_ACCESS_TOKEN
Accept: application/json

{
    ...
}

Sample request using URL Parameter:

POST /v1/ivrnode?access_token=YOUR_ACCESS_TOKEN HTTP/1.1
Host: https://icc-api.stringee.com
Accept: application/json

{
    ...
}

Suggestions

REST API Authentication

Create the JWT token (access_token) with format:

Sample request using X-STRINGEE-AUTH header:

Sample request using URL Parameter: