HMAC Code

HMAC Code Policy Used to create HMAC code along with Secret key and choice of hash function.

HMAC uses cryptographic hash functions such as MD5 and SHA-*.

As HMAC code is used for encrypting information sent, it's used in REST calls like POST and PUT and the content to be encrypted needs to be set in the Body.

Configuration

The properties that have to be configured to use the policy are described below.

Property

Description

Secret Key

Secret key along with normal documentation convention for ways to pass it to generate.

To know how to generate a secret key, refer to the Obtaining Access Token section.

The attributes present in this section are below:

Type: Represents the location (Header, Parameter, Constant and Context Variable) in the request where the secret key is set.
Name: The name of the variable the end user decides to send the secret key with.
Example: secret_key
Default Value: The default value to be used when the variable is not sent in the request .

Refer to the Configuring Message Part Identifier section.

Algorithm

The cryptographic hash function used to create an HMAC policy.

Following are the options:

HmacSHA256
HmacSHA384
HmacSHA512
HmacMD5

Example

Key Source:
- Type: Header
- Name: secret1
- Default Value: example_secret_key
Algorithm: HmacSHA256

Refer to the Configuring an HMAC policy to understand how to use the policy.