Authentication
The widget expects an
authCode
to be included as part of the config object. The value of the the authentication code should be a hash of your application's secret
and the user's externalId
field using the HMAC-SHA256 hashing function. The Notifly server also computes the hash value and checks that the two values match. If successful the server returns a token which is then used to authenticate future requests. If the hashes do not match the server returns 401
status code.Code examples
Python
Javascript (Node.js)
Ruby
import hashlib
import hmac
authCode = hmac.new(
NOTIFLY_APP_SECRET.encode('utf-8'),
str(user.id).encode('utf-8'),
digestmod=hashlib.sha256,
).hexdigest()
# The `.encode` here assume that you use Python 3
# and that `NOTIFLY_APP_SECRET` is a `str`-object
# (which would be `unicode` in Python 2).
const crypto = require('crypto');
const hmac = crypto.createHmac('sha256', NOTIFLY_APP_SECRET);
hmac.update(user.id);
// WARNING: Never calculate this in the frontend!
// It would expose your Notifly app secret and
// allow users to send arbitrary notifications
// to all users of your app.
require 'openssl'
OpenSSL::HMAC.hexdigest('sha256', NOTIFLY_APP_SECRET, user.id)
Last modified 3yr ago