The PAVE Capture API requires authentication for all API calls, which is achieved through the use of an HMAC-SHA256 message hash as a header within the request.
Introduction
This section provides the details on how to use the curl command to access the PAVE OpenAPI sessions endpoint using API-Key, API-Token, and API-Timestamp headers. The API-Key and API-Token are used for authentication purposes, and the API-Timestamp is used for ensuring the freshness of the request.
Endpoint
https://openapi.paveapi.com/v1/sessions
HMAC-SHA256
HMAC (Keyed-Hash Message Authentication Code) is a cryptographic technique that calculates a message authentication code by combining a cryptographic hash function with a secret key. In the case of the PAVE Capture API, the cryptographic hash function used is SHA256, resulting in the algorithm known as HMAC-SHA256.
Prerequisites
A valid API Key and API Token should be obtained before accessing the API endpoint.
curl must be installed on your system.
Steps to Use curl
Open a terminal or command prompt.
Use the following curl command to access the API endpoint:
Replace <Your_Generated_Access_Token> with your API Token.
Replace <UTC_Datetime_String> with the UTC datetime in the format YYYY-MM-DDTHH:MM:SSZ. For example, 2023-02-11T12:00:00Z.
Execute the curl command.
The API endpoint will return a JSON object containing the session data.
Headers
The following headers are required for each API request:
Note
Make sure to replace the placeholders with the actual values before executing the curl command.
Ensure that the UTC datetime string in the API-Timestamp header is accurate and up-to-date, as it is used for ensuring the freshness of the request.
API-Token: will expire within 5 minutes.
Response
If the request is successful, the API server will return a JSON object that contains the session information, including the session ID, expiration time, and the associated API Key and access token.