Signature problem when request with postman to api

[smash]

Hi.
I want to do request by POST in postman and have problem with signature. I used my token, timestamp, language with no problem. When i use https://www.webatic.com/md5-convertor to convert to md5 hash i still have error with bad signature. i paste

Code: Select all

/op/v0/device/real/query\\r\\nHASH\\r\\n1735331940000

What do i do wrong?

Many thanks.

[Dave Foster]

I'm more familiar with the python stuff but just to check you are constructing the signature as


signature = fr'{path}\r\n{token}\r\n{timestamp}'

And you then pass signature through the md5hash converter

where token is your api_key
path is your endpoint (your example looks correct)
timestamp*1000 (your example looks correct)

The characters \r\n must be treated as special characters and included as their escape sequences

So in your example I would expect to see apikey where you have HASH (unless that's what you meant) and then the whole thing passed through the md5 converter.

see https://www.foxesscloud.com/public/i18n ... ent.html#6

[smash]

Hash = api_key thats what i meen to.
So probobly i am doing averything good and still have that error (wrong signature)
I think it can be something wroga with this md5-converter
Maybe you can tell me how can I pass corectly data like sns (serial number of inverter)? It should be in url?

https://www.foxesscloud.com/op/v0/devic ... ial_number

[tony.matthews1]

Have a look at the Open API documentation here: https://www.foxesscloud.com/public/i18n ... 03e203ca3e

The real time data query is a post so does not have URL parameters. You need to post a body with the serial number and the variables you are querying for. Here is a working example of the API call setup and response:

Code: Select all

getting real-time data
body = {"deviceSN": "65BH60..."}
path = /op/v0/device/real/query
headers = {'Token': '72a2a...', 'Lang': 'en', 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36', 'Timezone': 'Europe/London', 'Timestamp': '1735735442541', 'Content-Type': 'application/json', 'Signature': '7c65d33f89811065c081afa5ff0518cd'}
[{'unit': 'kW', 'name': 'PVPower', 'variable': 'pvPower', 'value': 0.06},
 {'unit': 'V', 'name': 'PV1Volt', 'variable': 'pv1Volt', 'value': 187.6},
 {'unit': 'A', 'name': 'PV1Current', 'variable': 'pv1Current', 'value': 0.2},
 {'unit': 'kW', 'name': 'PV1Power', 'variable': 'pv1Power', 'value': 0.038},
 {'unit': 'V', 'name': 'PV2Volt', 'variable': 'pv2Volt', 'value': 221.1},

The problem with using a web service for MD5 may be that the timestamp is too far out of the current time. The API will only accept requests where the timestamp and signature have been generated dynamically within the last few seconds to avoid replay attacks.

[smash]

Thank. Now i know-how how to pars body datas. But still have problem with signature. Timestamp is dinamic so that is not a problem.

[tony.matthews1]

The most common problem when creating a signature is that the special characters are converted before the string is encoded but the string values are literals. This especially may be the case if the string is passed through multiple stages of processing.

That is the string being encoded must actually include the characters "\n" and "\r" in the string prior to encoding. They must NOT be converted to a carriage return or line feed at any point.