Authentication
You have to be authenticated by the Shopgate Merchant API in order to use it. To do this send two “X headers” containing a user name and auth token along with your request:
- X-Shopgate-Auth-User
- X-Shopgate-Auth-Token
User Name Generation
The user name is a combination of the following values:
- Customer number
- Unix timestamp
Both values are separated by a hyphen (-):
Auth User: <Customer number>-<Unix timestamp>
Example: 12345-1329146130
Auth Token Generation
The Auth Token is composed of the following parameters:
- “SMA” string
- Customer number
- Current Unix timestamp
- API key
is performed in the following way:
- Separate the string with hyphens, e.g.
SMA-12345-1329146130-01677e4c0ae5468b9b8b823487f14524 - Use it as base for generating the SHA1 hash:
sha1(SMA-12345-1329146130-01677e4c0ae5468b9b8b823487f14524) - The result is the Auth token (as SHA1 hash):
b83e778fb008e0b006a4094787aba2d9543d6d25
Examples
HTTP-Request Headers
X-Shopgate-Auth-User: 12345-1334128396
X-Shopgate-Auth-Token: 885964b9b46756bdec6d7ae549ae5bfcd406798aImplementation using PHP and cURL
<?php
$customerNumber = "12345";
$apiKey = "01677e4c0ae5468b9b8b823487f14524";
$timestamp = time();
$authUser = "$customerNumber-$timestamp";
$authToken = sha1("SMA-$customerNumber-$timestamp-$apiKey");
$curl = curl_init();
curl_setopt(
$curl,
CURLOPT_HTTPHEADER,
array(
'X-Shopgate-Auth-User: ' . $authUser,
'X-Shopgate-Auth-Token: ' . $authToken
)
);