Showing results for 
Search instead for 
Did you mean: 

HTTP Signature Authentication through Postman

I'm trying to test the 'Post a Payment' API  through the Http Signature Authentication as shown on the below link, using the same headers as generated on the below link using Postman.

I tried to generate the digest and using SHA256 encryption and Base64 encoding, but the digest value doesn't seem to match for the same message body with the tool on the above link.

There's also a confusion about signature - Do we use headers as they are shown below as Option#1 example or Option#2


Signature: keyid="6d75ffad-ed36-4a6d-85af-5609185494f4", algorithm="HmacSHA256", headers="host date (request-target) v-c-merchant-id", signature="eQkzhzu8UHEQmpBTVMibdNpPw1aLunmY41ckyLKoOjs="

Option#2 :  Should we Substitute the values of host,date, request-target and v-c-merchant-id in above with values or use as is?

If anyone has successfully tested the API through Postman, can you please share some inputs/ sample values of your digest and signature and above doubt.


Have you tried using our Postman : - it has the header generation script already configured for a user. All you need is to download and test run it for the default merchant configured in the Postman.

Administrator Administrator