Developers
Search…
Authentication

HMAC-SHA256

HMAC-based authentication is the way you authenticate to LYNX's API. To be able to use HMAC-based authentication, you will need an api-keythat needs to remain secret and known only to you and LYNX.
When making an API call to LYNX's Recommendation API you need to add the following parameters to every call:
Parameter Name
Value
utc_timestamp
Current UTC unix timestamp (seconds).
signature
Hash signature computed from your request URI path without protocol, host and query string.

How to sign a request

Let's see how to compute the signature for making valid recommendation API requests. For example if your api-key is api-key123456 and you want to make a call to the following URI:
1
https://lynx.kickdynamic.cloud/api/v1/recommender/1234567890/items/
2
445/bought/together?userId=ABCDEF&topK=10
Copied!
First you need to take the URI's path without the protocol, host and query string, as shown below:
1
/api/v1/recommender/1234567890/items/445/bought-together
Copied!
Then you must append the utc_timestamp (UTC UNIX timestamp).
1
/api/v1/recommender/1234567890/items/445/bought-together?utc_timestamp=1565533332
Copied!
Next you take the string above and generate a hash signature using the HMAC-SHA256 algorithm and the api-key which produces the following hash code (signature).
1
be450e6e1f99746f95ca8649f7b2f3d98f2f01c13418a1ab466b2006e2215b0a
Copied!
Finally you append then utc_timestamp and the signature parameters to the API call as shown below.
1
https://lynx.kickdynamic.cloud/api/v1/recommender/1234567890/items/
2
445/bought-together?userId=ABCDEF&topK=10&utc_timestamp=1565533332
3
&signature=be450e6e1f99746f95ca8649f7b2f3d98f2f01c13418a1ab466b2006e2215b0a
Copied!

Client-side implementation examples

Here are some examples of how to build a proper recommendation API request, implemented in some popular programming languages.

C#

A C# example using .NET Framework 4.6 (or higher) or .NET Core 2.0 (or higher).
1
string apikey = "api-key123456";
2
string uriToCall = "https://lynx.kickdynamic.cloud/api/v1/recommender/1234567890/items/445/bought/together?userId=ABCDEF&topK=10"
3
string uriToHash = "/api/v1/recommender/1234567890/items/445/bought/together";
4
long utc_timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
5
uriToHash = uriToHash + "?utc_timestamp=" + Convert.ToString(utc_timestamp);
6
HMACSHA256 hmac = new HMACSHA256(apiKey);
7
byte[] hashedText = hmac.ComputeHash(Encoding.ASCII.GetBytes(textToHash));
8
string signature = Convert.ToString(hashedText);
9
uriToCall = uriToCall + "&utc_timestamp=" + utc_timestamp + "&signature=" + signature;
Copied!
Last modified 3mo ago