Page 1 of 1
Signature problem when request with postman to api
Posted: Fri Dec 27, 2024 8:41 pm
by smash
Hi.
I want to do request by POST in postman and have problem with signature. I used my token, timestamp, language with no problem. When i use
https://www.webatic.com/md5-convertor to convert to md5 hash i still have error with bad signature. i paste
Code: Select all
/op/v0/device/real/query\\r\\nHASH\\r\\n1735331940000
What do i do wrong?
Many thanks.
Re: Signature problem when request with postman to api
Posted: Sun Dec 29, 2024 10:32 am
by Dave Foster
I'm more familiar with the python stuff but just to check you are constructing the signature as
signature = fr'{path}\r\n{token}\r\n{timestamp}'
And you then pass signature through the md5hash converter
where token is your api_key
path is your endpoint (your example looks correct)
timestamp*1000 (your example looks correct)
The characters \r\n must be treated as special characters and included as their escape sequences
So in your example I would expect to see apikey where you have HASH (unless that's what you meant) and then the whole thing passed through the md5 converter.
see
https://www.foxesscloud.com/public/i18n ... ent.html#6
Re: Signature problem when request with postman to api
Posted: Wed Jan 01, 2025 12:34 pm
by smash
Hash = api_key thats what i meen to.
So probobly i am doing averything good and still have that error (wrong signature)
I think it can be something wroga with this md5-converter
Maybe you can tell me how can I pass corectly data like sns (serial number of inverter)? It should be in url?
Re: Signature problem when request with postman to api
Posted: Wed Jan 01, 2025 12:52 pm
by tony.matthews1
Have a look at the Open API documentation here:
https://www.foxesscloud.com/public/i18n ... 03e203ca3e
The real time data query is a post so does not have URL parameters. You need to post a body with the serial number and the variables you are querying for. Here is a working example of the API call setup and response:
Code: Select all
getting real-time data
body = {"deviceSN": "65BH60..."}
path = /op/v0/device/real/query
headers = {'Token': '72a2a...', 'Lang': 'en', 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36', 'Timezone': 'Europe/London', 'Timestamp': '1735735442541', 'Content-Type': 'application/json', 'Signature': '7c65d33f89811065c081afa5ff0518cd'}
[{'unit': 'kW', 'name': 'PVPower', 'variable': 'pvPower', 'value': 0.06},
{'unit': 'V', 'name': 'PV1Volt', 'variable': 'pv1Volt', 'value': 187.6},
{'unit': 'A', 'name': 'PV1Current', 'variable': 'pv1Current', 'value': 0.2},
{'unit': 'kW', 'name': 'PV1Power', 'variable': 'pv1Power', 'value': 0.038},
{'unit': 'V', 'name': 'PV2Volt', 'variable': 'pv2Volt', 'value': 221.1},
The problem with using a web service for MD5 may be that the timestamp is too far out of the current time. The API will only accept requests where the timestamp and signature have been generated dynamically within the last few seconds to avoid replay attacks.
Re: Signature problem when request with postman to api
Posted: Wed Jan 01, 2025 8:34 pm
by smash
Thank. Now i know-how how to pars body datas. But still have problem with signature. Timestamp is dinamic so that is not a problem.
Re: Signature problem when request with postman to api
Posted: Fri Jan 03, 2025 11:02 am
by tony.matthews1
The most common problem when creating a signature is that the special characters are converted before the string is encoded but the string values are literals. This especially may be the case if the string is passed through multiple stages of processing.
That is the string being encoded must actually include the characters "\n" and "\r" in the string prior to encoding. They must NOT be converted to a carriage return or line feed at any point.