Generate Signature
Authenticating your request
Overview
A signature is a 64-digit encrypted string that is crucial to the authorization process.
The signature code ensures and confirms that the information included in the request is genuine and hasn't been modified. The user must first generate a Signature Code and pass it through the login request based on which the system detects and authorizes the request. Any request with an invalid or unmatched Signature will be responded to as unauthorized.
Generate a Signature
Generating a Signature Code requires you to provide the Signature Key that is located in your Profile details under Company Credentials. Along with the request body, the Signature Key goes through encryption processes to finally get the Signature Code.
A Signature Code for every requestThe Signature Code varies for every request, and no two requests will have the same Signature Code.
Signature algorithm
Below is the sample algorithm to generate a Signature Code:
const crypto = require("crypto");
const SIGNATURE_KEY = "JUYADZ3ZMrj8Bwdme2Pu8a4r"; // your signature key
// Your request body
const data = {
svAccServiceRQ: {
company: [
{
companyCode: "1810",
userName: "Muhammad_11",
account: [
{
bankCode: "11",
accountNum: "108057386290014",
corpId: "OSV0000062",
holderName: "Company Code 1810",
iban: "SA5330400108057386290014",
address: "riyadh",
currency: "SAR",
acERPcode: "ANB_1"
}
]
}
]
}
};
function generateSignature(reqBody) {
// Step 1: Convert request body to JSON string
const jsonString = JSON.stringify(reqBody);
// Step 2: Base64 encode the JSON string
const base64Data = Buffer.from(jsonString, "utf-8").toString("base64");
// Step 3: Append the SIGNATURE_KEY
const dataToHash = base64Data + SIGNATURE_KEY;
// Step 4: Generate SHA256 hash (hex encoded)
const signature = crypto.createHash("sha256").update(dataToHash).digest("hex");
return signature;
}
// Example usage
const signature = generateSignature(data);
console.log("Generated Signature:", signature);import json
import base64
import hashlib
SIGNATURE_KEY = "JUYADZ3ZMrj8Bwdme2Pu8a4r"
data = {
"svAccServiceRQ": {
"company": [
{
"companyCode": "1810",
"userName": "Muhammad_11",
"account": [
{
"bankCode": "11",
"accountNum": "108057386290014",
"corpId": "OSV0000062",
"holderName": "Company Code 1810",
"iban": "SA5330400108057386290014",
"address": "riyadh",
"currency": "SAR",
"acERPcode": "ANB_1"
}
]
}
]
}
}
def generate_signature(req_body):
json_str = json.dumps(req_body, separators=(',', ':'))
base64_data = base64.b64encode(json_str.encode('utf-8')).decode('utf-8')
data_to_hash = base64_data + SIGNATURE_KEY
signature = hashlib.sha256(data_to_hash.encode('utf-8')).hexdigest()
return signature
print("Generated Signature:", generate_signature(data))import java.util.*;
import java.security.*;
import java.util.Base64;
import com.fasterxml.jackson.databind.ObjectMapper;
public class SignatureGenerator {
private static final String SIGNATURE_KEY = "JUYADZ3ZMrj8Bwdme2Pu8a4r";
public static String generateSignature(Object data) throws Exception {
ObjectMapper mapper = new ObjectMapper();
String jsonString = mapper.writeValueAsString(data);
String base64Data = Base64.getEncoder().encodeToString(jsonString.getBytes("UTF-8"));
String dataToHash = base64Data + SIGNATURE_KEY;
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hashBytes = digest.digest(dataToHash.getBytes("UTF-8"));
StringBuilder hexString = new StringBuilder();
for (byte b : hashBytes) {
hexString.append(String.format("%02x", b));
}
return hexString.toString();
}
public static void main(String[] args) throws Exception {
Map<String, Object> account = new HashMap<>();
account.put("bankCode", "11");
account.put("accountNum", "108057386290014");
account.put("corpId", "OSV0000062");
account.put("holderName", "Company Code 1810");
account.put("iban", "SA5330400108057386290014");
account.put("address", "riyadh");
account.put("currency", "SAR");
account.put("acERPcode", "ANB_1");
Map<String, Object> company = new HashMap<>();
company.put("companyCode", "1810");
company.put("userName", "Muhammad_11");
company.put("account", Collections.singletonList(account));
Map<String, Object> data = new HashMap<>();
data.put("svAccServiceRQ", Collections.singletonMap("company", Collections.singletonList(company)));
System.out.println("Generated Signature: " + generateSignature(data));
}
}using System;
using System.Text;
using System.Text.Json;
using System.Security.Cryptography;
class Program
{
const string SIGNATURE_KEY = "JUYADZ3ZMrj8Bwdme2Pu8a4r";
static string GenerateSignature(object data)
{
string json = JsonSerializer.Serialize(data);
string base64Data = Convert.ToBase64String(Encoding.UTF8.GetBytes(json));
string dataToHash = base64Data + SIGNATURE_KEY;
using (SHA256 sha = SHA256.Create())
{
byte[] hashBytes = sha.ComputeHash(Encoding.UTF8.GetBytes(dataToHash));
StringBuilder sb = new StringBuilder();
foreach (byte b in hashBytes)
sb.Append(b.ToString("x2"));
return sb.ToString();
}
}
static void Main()
{
var data = new {
svAccServiceRQ = new {
company = new[] {
new {
companyCode = "1810",
userName = "Muhammad_11",
account = new[] {
new {
bankCode = "11",
accountNum = "108057386290014",
corpId = "OSV0000062",
holderName = "Company Code 1810",
iban = "SA5330400108057386290014",
address = "riyadh",
currency = "SAR",
acERPcode = "ANB_1"
}
}
}
}
}
};
Console.WriteLine("Generated Signature: " + GenerateSignature(data));
}<?php
$SIGNATURE_KEY = "JUYADZ3ZMrj8Bwdme2Pu8a4r";
$data = [
"svAccServiceRQ" => [
"company" => [[
"companyCode" => "1810",
"userName" => "Muhammad_11",
"account" => [[
"bankCode" => "11",
"accountNum" => "108057386290014",
"corpId" => "OSV0000062",
"holderName" => "Company Code 1810",
"iban" => "SA5330400108057386290014",
"address" => "riyadh",
"currency" => "SAR",
"acERPcode" => "ANB_1"
]]
]]
]
];
function generateSignature($reqBody, $key) {
$jsonString = json_encode($reqBody, JSON_UNESCAPED_SLASHES);
$base64Data = base64_encode($jsonString);
$dataToHash = $base64Data . $key;
return hash("sha256", $dataToHash);
}
echo "Generated Signature: " . generateSignature($data, $SIGNATURE_KEY);package main
import (
"crypto/sha256"
"encoding/base64"
"encoding/hex"
"encoding/json"
"fmt"
)
const SIGNATURE_KEY = "JUYADZ3ZMrj8Bwdme2Pu8a4r"
func generateSignature(data interface{}) string {
jsonBytes, _ := json.Marshal(data)
base64Data := base64.StdEncoding.EncodeToString(jsonBytes)
dataToHash := base64Data + SIGNATURE_KEY
hash := sha256.Sum256([]byte(dataToHash))
return hex.EncodeToString(hash[:])
}
func main() {
data := map[string]interface{}{
"svAccServiceRQ": map[string]interface{}{
"company": []interface{}{
map[string]interface{}{
"companyCode": "1810",
"userName": "Muhammad_11",
"account": []interface{}{
map[string]interface{}{
"bankCode": "11",
"accountNum": "108057386290014",
"corpId": "OSV0000062",
"holderName": "Company Code 1810",
"iban": "SA5330400108057386290014",
"address": "riyadh",
"currency": "SAR",
"acERPcode": "ANB_1",
},
},
},
},
},
}
fmt.Println("Generated Signature:", generateSignature(data))
}require "json"
require "base64"
require "digest"
SIGNATURE_KEY = "JUYADZ3ZMrj8Bwdme2Pu8a4r"
data = {
svAccServiceRQ: {
company: [
{
companyCode: "1810",
userName: "Muhammad_11",
account: [
{
bankCode: "11",
accountNum: "108057386290014",
corpId: "OSV0000062",
holderName: "Company Code 1810",
iban: "SA5330400108057386290014",
address: "riyadh",
currency: "SAR",
acERPcode: "ANB_1"
}
]
}
]
}
}
def generate_signature(data)
json_string = JSON.generate(data)
base64_data = Base64.strict_encode64(json_string)
data_to_hash = base64_data + SIGNATURE_KEY
Digest::SHA256.hexdigest(data_to_hash)
end
puts "Generated Signature: #{generate_signature(data)}"Algorithm breakdown
- The first encoding represents the Base64 encoding of the Request Body
- The second encoding is performed to the first encoded result with the Signature Key
- SHA256 algorithm is applied to the second encoded result
- A Hexa Stash Code is generated with the SHA256 string
- The result of the process is your Signature Code
Here's a sample Signature Code:
Sample Signature Code - 64-bit String
Possible Responses❌ In case of Signature Key mismatch, an "Unauthorized or Invalid" response will be reflected
⚠️ If the process encounters a technical error, the system will respond to the request as "Technical/Internal/Server Error"
Updated 15 days ago