Generate Signature

Authenticating your request


A signature is a 64-Digit encrypted string that acts as a crucial part of the authentication process.

Signature Code ensures and confirms the information included in the request is genuine and hasn't been modified. The user has to first generate a Signature Code and pass it through the login request based on which the system detects and authenticates the request. Any request with an invalid or unmatched Signature will be responded to as "Invalid/Unauthorized".

Generate a Signature

Generating a Signature Code requires you to provide the Signature Key that is located in your Profile details under Company Credentials. Along with the request body, the Signature Key goes through encryption processes to finally get the Signature Code.


A Signature Code for every request

The Signature Code varies for every request and no two requests will have the same Signature Code.

Signature algorithm

Below is the sample algorithm to generate a Signature Code:

SIGNATURE_KEY : 1234567890 // your signature key

let encode = base64encode(JSON.stringify(req.body));
encode = encode + "SIGNATURE_KEY";
let signature = sha256(encode);

function sha256(str) {
  let hash = crypto.createHash("sha256")update(str).digest("hex");
  return hash;

Algorithm breakdown

  • The first encoding represents the Base64 encoding of the Request Body
  • The second encoding is performed to the first encoded result with the Signature Key
  • SHA256 algorithm is applied to the second encoded result
  • A Hexa Stash Code is generated with the SHA256 string
  • The end result of the process is your Signature Code

Here's a sample Signature Code:


Sample Signature Code - 64-bit String


Possible Responses

❌ In case of Signature Key mismatch, an "Unauthorized or Invalid" response will be reflected

⚠️ If the process encounters a technical error, the system will respond to the request as "Technical/Internal/Server Error"