For successful authorization it is necessary to send api_key, signature and nonce parameters to each request to the API.
- api_key – this parameter is generated and provided by the iCash system
- nonce – a positive number. This parameter must be incremented with each API request. Unix Timestamp is usually used for this parameter, but if you have more than one request per second you need to add an additional counter.
- signature – this is an HMAC-SHA256 encoded string containing nonce, WareHouseID and api_key, using secret_key for encoding, which is generated and provided by the iCash system. The WareHouseID parameter is the warehouse number. The signature parameter must be represented as hex (64 uppercase characters)
$nonce=time()+$g_cnt; // $g_cnt – additional counter in your script, use $g_cnt++; after POST request
$message = $nonce.$WareHouseID.$api_key;
$signature = strtoupper(bin2hex(hash_hmac(‘sha256’,$message, $secret_key,true)));