Authentication
Last updated: 29-Sep-2021
Rate this article:
Overview
Use the login method for the authentication process in the 2Checkout system.
Parameters
Parameters | Type/Description |
---|---|
merchantCode | required (string) |
Your merchant identifier (received from 2Checkout). | |
date | required (string) |
UTC ISO Date format (e.g. 2010-01-01 12:13:14) | |
hash | required (string) |
Calculated HMAC_MD5 signature based on MerchantCode and Date, using your secret key (see example below). |
Response
Parameter | Type/Description |
---|---|
sessionID |
string |
Session identifier string. An exception will be thrown if the values are incorrect. The sessionID expires in 10 minutes. |
Request
To create the HMAC_MD5 source string use your merchant code (available here) and the date of the request, prefixing them with the length in bytes of each respective value, along with your account’s secret key (for UTF-8 characters the length in bytes might be longer than the string length). For example:
Parameters | Type/Description |
---|---|
merchantCode |
Avangate |
|
8AVANGATE
|
date |
2010-05-13 12:12:12 |
|
192010-05-13 12:12:12
|
HMAC source string |
8AVANGATE192010-05-13 12:12:12
|
|
|
Secret key |
SECRET_KEY |
|
|
Calculated HMAC_MD5 signature based on MerchantCode and Date, using your secret key: |
|
bf763db7d333e9c3038698cf59ada3e6 |
Request Example
<?php
$host = "https://api.avangate.com/channel-manager";
$client = new SoapClient($host . "/2.1/soap/?wsdl", array(
'location' => $host . "/2.1/soap/",
"stream_context" => stream_context_create(array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false
)
))
));
function hmac($key, $data)
{
$b = 64; // byte length for md5
if (strlen($key) > $b) {
$key = pack("H*", md5($key));
}
$key = str_pad($key, $b, chr(0x00));
$ipad = str_pad('', $b, chr(0x36));
$opad = str_pad('', $b, chr(0x5c));
$k_ipad = $key ^ $ipad;
$k_opad = $key ^ $opad;
return md5($k_opad . pack("H*", md5($k_ipad . $data)));
}
$merchantCode = "YOUR_MERCHANT_CODE";// your account's merchant code available in the 'System settings' area of the Control Panel: https://secure.2checkout.com/cpanel/account_settings.php
$key = "YOUR_SECRET_KEY";// your account's secret key available in the 'System settings' area of the Control Panel: https://secure.2checkout.com/cpanel/account_settings.php
$now = date('Y-m-d H:i:s'); //date_default_timezone_set('UTC')
$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash = hmac($key, $string);
try {
$sessionID = $client->login($merchantCode, $now, $hash);
}
catch (SoapFault $e) {
echo "Authentication: " . $e->getMessage();
exit;
}
?>
Errors
Error | Description |
---|---|
AUTHENTICATION_FAILED |
Authentication failed |
FORBIDDEN |
Forbidden area |
Rate this article: