Authenticating API calls
To receive data from a call to an Oracle Data Cloud API, you must authenticate your requests.
Calculating a request signature
You can calculate a request signature by generating the encryption data into a string byte array containing the following elements and then signing the resulting string with your private key:
HTTP_METHOD + URI_PATH + QUERY_ARG_VALUES + POST_DATA
Signature algorithm: HMAC-SHA256
HMAC-SHA256(Secret key, HTTP_METHOD + URI_PATH + QUERY_ARG_VALUES + POST_DATA)
Partner ID property
You can optionally specify the pid
or partner.id
property in the URI to request a response for a specific partner seat that is associated with your user account. If included in the URI, the partner ID is used to calculate the bksig
value.
If your user account is associated with multiple partner seats, the response will be for your default partner seat. For example, if your user settings show that your account is associated with partner seats 12345 and 23456, API calls will use 12345 by default because it has the lowest numeric value of your two partner IDs. However, you can specify partner.id=23456
in your call's URL before signing the call to retrieve the data for your other partner seat.
The pid
or partner.id
property must be associated with the same account used to get your API keys. Otherwise, you will receive a 403: Forbidden error.
Sample authenticated message
The following example demonstrates an how to send an authenticated message to the ping API to verify that you can send authenticated message requests to the Oracle Data Cloud platform.
URL: https://services.bluekai.com/Services/WS/Ping?pid=23456
METHOD: POST
URI PATH: /Services/WS/Ping
QUERY ARG VALUES: (none)
POST DATA: (none)
STRING TO SIGN: POST/Services/WS/Ping
Once the signature is generated (bksig
, which is the Base64-encoded output of HMAC-SHA256), it is passed to the Oracle Data Cloud platform along with the user identifier (bkuid
) using the following two query arguments:
bkuid={BK_WS_USERID)
bksig={Signed Web Service Request String}
Example Ping request syntax
https://services.bluekai.com/Services/Ping?pid=partnerID&bkuid=webServicesUserID&bksig=signedString
Note: The bkuid
and bksig
values are not added to the input string for HMAC-SHA256 used to get the bksig
value.
Return values
All forms of platform authentication return an HTTP response code of 200 if the request is successful. If the request is unsuccessful, a 403 Forbidden result is returned. Authentication requests do not return any JSON data in the response.
See the programming example for how to generate a signed request using the Python programming language.