Authentication

Authentication

All requests sent to the API must include a signature and the account identifier to authenticate the request. So add the following headers to all requests:

Header Name Header Value
Authorization Your account key
Mpowered-Signature Calculated signature (see below)

Your account key and your API secret key will be supplied directly to you.

 

Creating the Signature

  1. Create a string starting with the URL being called (excluding the domain, eg. if the GET request is to https://suppliermanagement.co.za/api/suppliers, then this value is "/api/suppliers")
  2. If the request is a POST, then append to the string from step 1 all of the parameters as follows:
    1. Ordered parameters by key
    2. Write out the parameters as key1=value1key2=value2, etc. without spaces or quotes.
    3. Eg. Parameters such as {"trading_name": "Joe's Widgets", "registration_number": 123} would result in a string registration_number=123trading_name=Joe's Widgets
  3. Encrypt this with HMAC using a SHA256, your private API secret key and the resulting string from step 2. Repeat this encryption a fixed number of times (a number that will be provided to you when you sign up).
  4. Base 64 encode the result and that is the signature

 

Implementations

Ruby

Python 

    • Related Articles

    • Release Notes

      v1 Introduced Suppliers API Introduced Procurement Scorecard API Introduced Line Items API Implemented Digest Authentication

    • Creating a new Scenario

      Create a new Scenario 1. Select the Scenario Scorecards icon from the dashboard page, as shown below. 2. This action (Step 1) will take you to the screen below. To create a new scenario click on the New Scenario link, as indicated. 3. Complete the ...

    • General Notes

      Format Content can be sent and received from the API using JSON and XML. To specify a particular response format append ".json" or ".xml" to the url, although json is the default format and so doesn't actually require the ".json" extension. ...

    • Line Items

      Overview Line Items form the meat of the Procurement Scorecard data. They record how much was spent on which suppliers. It's only possible to use the API to read and write line item details, not update or delete them, so take care when making ...

    • Suppliers

      Overview Suppliers on the SMS represent organisations that you can allocate spending to in the Procurement Scorecards. To make it super-easy to work with suppliers using the API, you will be able to use your own unique supplier codes when creating, ...