Overview

With each API request you must send 3 parameters to validate your identity:

  • API Key
  • Signature value (encrypted with your private key)
  • SigData value (unencrypted)

Within your Optimise Affiliate Login you will be able to generate 2 keys:

  • API Key (public)
  • Private Key (private – you should never transmit your private key)

Find your API key and Private key

You can access both of your keys in your Affiliate Login under “Update Account Details”

download-api-keys

Building Your Request

Your Request URL should be formed as follows

Key={Key}&Sig={Sig}&SigData={SigData}
  1. {Key} = API Key
  2. {Sig} = The Signature Data value encrypted using MD5 and the Private Key. The signature created is valid only for 60 minutes from the time of creation. It will expire after 60 minutes.
  3. {SigData} = The unencrypted signature data (the current date and time of the request in UTC) in the following format: 2014-12-22 15:19:13.567

Examples

PHP

<?php

error_reporting(E_ALL ^ E_WARNING); 

date_default_timezone_set("UTC");
$t = microtime(true);
$micro = sprintf("%03d",($t - floor($t)) * 1000);
$utc = gmdate('Y-m-d H:i:s.', $t).$micro;

$sig_data= $utc;
//########################Please Add your API Key & Private Key here to test##################################################
$api_key='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$private_key='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
//############################################################################################################################

$concateData = $private_key.$sig_data;
$sig = md5($concateData);

$url = "https://api.omgpm.com/network/OMGNetworkApi.svc/v1.2/GetAccounts/ValidateLogin?" . http_build_query(array('Key' => $api_key, 'Sig' => $sig, 'SigData' => $sig_data));
$headers = array("Content-Type: application/json", 
 "Accept: application/json", 
 "Access-Control-Request-Method: GET");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$result = curl_exec($ch);
$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
print_r($result);
?>

ASP.net C#

string apiKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
string privateKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
string sigData = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss.fff");
string encSig = HttpUtility.UrlEncode(CreateMd5Hash(privateKey + sigData));
string url = "https://api.omgpm.com/network/OMGNetworkApi.svc/v1.2/GetAccounts/ValidateLogin?Key=" + apiKey + "&Sig=" + encSig + "&SigData=" + sigData;
HttpResponseMessage result = GetServiceResult(url);
Response.Write(result);

public HttpResponseMessage GetServiceResult(string url)
 {
 using (var client = new HttpClient())
 {
 client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 var response = client.GetAsync(url).Result;
 return response;
 }
 }

public static string CreateMd5Hash(string key)
 {
 using (MD5 md5Hash = MD5.Create())
 {
 string hash = GetMd5Hash(md5Hash, key);
 return hash;
 }
 }

 public static string GetMd5Hash(MD5 md5Hash, string input)
 {
 // Convert the input string to a byte array and compute the hash. 
 byte[] data = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(input));

 // Create a new Stringbuilder to collect the bytes 
 // and create a string.
 StringBuilder sBuilder = new StringBuilder();

 // Loop through each byte of the hashed data 
 // and format each one as a hexadecimal string. 
 for (int i = 0; i < data.Length; i++)
 {
 sBuilder.Append(data[i].ToString("x2"));
 }

 // Return the hexadecimal string. 
 return sBuilder.ToString();
 }

ASP.net VB

Dim apiKey As String = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Dim privateKey As String = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Dim sigData As String = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss.fff")
Dim encSig As String = HttpUtility.UrlEncode(CreateMd5Hash(privateKey & sigData))
Dim url As String = "https://api.omgpm.com/network/OMGNetworkApi.svc/v1.2/GetAccounts/ValidateLogin?Key=" & apiKey & "&Sig=" & encSig & "&SigData=" & sigData
Dim result As HttpResponseMessage = GetServiceResult(url)
Response.Write(result)

Public Function GetServiceResult(url As String) As HttpResponseMessage
 Using client = New HttpClient()
 client.DefaultRequestHeaders.Accept.Add(New MediaTypeWithQualityHeaderValue("application/json"))
 Dim response = client.GetAsync(url).Result
 Return response
 End Using
End Function

Public Shared Function CreateMd5Hash(key As String) As String
 Using md5Hash As MD5 = MD5.Create()
 Dim hash As String = GetMd5Hash(md5Hash, key)
 Return hash
 End Using
End Function

Public Shared Function GetMd5Hash(md5Hash As MD5, input As String) As String
 ' Convert the input string to a byte array and compute the hash. 
 Dim data As Byte() = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(input))

 ' Create a new Stringbuilder to collect the bytes 
 ' and create a string.
 Dim sBuilder As New StringBuilder()

 ' Loop through each byte of the hashed data 
 ' and format each one as a hexadecimal string. 
 For i As Integer = 0 To data.Length - 1
 sBuilder.Append(data(i).ToString("x2"))
 Next

 ' Return the hexadecimal string. 
 Return sBuilder.ToString()
End Function

Java

 package test;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Calendar;

public class Sample {

/** String for signature data */
private String mSigData;

/** Default encoding. */
private static final String DEFAULT_ENCODING = "UTF-8";

/** Index of a component which was not found. */
private final static int NOT_FOUND = -1;

/** String used for encoding special characters */
private static final String ALLOWED_URI_CHARS = "@#&=*+-_.,:!?()/~'%";

/**Please add your Api key here*/
private String mApiKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

/**Please add your private key here*/
private String apiSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";


/** Base url **/
private String BASE_URL = "https://api.omgpm.com/network/OMGNetworkApi.svc/v1.2/GetAccounts/ValidateLogin?";

public static void main(String[] args) {
Sample sample = new Sample();
try {
sample.loadAccounts();
} catch (Exception e) {
e.printStackTrace();
}
}

/**
* Method to load Account Details
*
*/
private void loadAccounts() {
String url = generateUrl();
sendGet(url);
}

/**
* Method to generate Url
*
* @return
*/
private String generateUrl() {
String url = "";
try {
url = BASE_URL
+ "&Key="
+ mApiKey
+ "&Sig="
+ URLEncoder.encode(md5(apiSecret.concat(getSigData())),
"UTF-8") + "&SigData="
+ encode(mSigData, ALLOWED_URI_CHARS);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
System.out.println("Generated Url " + url);
return url;
}

/** HTTP GET request */
private void sendGet(String url) {

try {
URL obj = new URL(url);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Content-Type", "application/json");
con.connect();

int responseCode = con.getResponseCode();
System.out.println("Response Code : " + responseCode);

BufferedReader in = new BufferedReader(new InputStreamReader(
con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();

while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();

// print result
System.out.println(response.toString());
} catch (Exception ex) {
ex.printStackTrace();
}
}

/**
* Used to generate md5 hashed value
*
* @param s
* @return
*/
private String md5(final String s) {
final String MD5 = "MD5";
try {
// Create MD5 Hash
MessageDigest digest = java.security.MessageDigest.getInstance(MD5);
digest.update(s.getBytes());
byte messageDigest[] = digest.digest();

// Create Hex String
StringBuilder hexString = new StringBuilder();
for (byte aMessageDigest : messageDigest) {
String hash = Integer.toHexString(0xFF & aMessageDigest);
while (hash.length() < 2)
hash = "0" + hash;
hexString.append(hash);
}
return hexString.toString();

} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return "";
}

/**
* Method to generate signature data
*/
private String getSigData() {
Calendar c = Calendar.getInstance();
SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS");
mSigData = df.format(c.getTime());
return mSigData;
}

private static final char[] HEX_DIGITS = "0123456789ABCDEF".toCharArray();

/**
* Encodes characters in the given string as '%'-escaped octets using the
* UTF-8 scheme. Leaves letters ("A-Z", "a-z"), numbers ("0-9"), and
* unreserved characters ("_-!.~'()*") intact. Encodes all other characters
* with the exception of those specified in the allow argument.
*
* @param s
* string to encode
* @param allow
* set of additional characters to allow in the encoded form,
* null if no characters should be skipped
* @return an encoded version of s suitable for use as a URI component, or
* null if s is null
*/
public static String encode(String s, String allow) {
if (s == null) {
return null;
}

// Lazily-initialized buffers.
StringBuilder encoded = null;

int oldLength = s.length();

// This loop alternates between copying over allowed characters and
// encoding in chunks. This results in fewer method calls and
// allocations than encoding one character at a time.
int current = 0;
while (current < oldLength) {
// Start in "copying" mode where we copy over allowed chars.

// Find the next character which needs to be encoded.
int nextToEncode = current;
while (nextToEncode < oldLength
&& isAllowed(s.charAt(nextToEncode), allow)) {
nextToEncode++;
}

// If there's nothing more to encode...
if (nextToEncode == oldLength) {
if (current == 0) {
// We didn't need to encode anything!
return s;
} else {
// Presumably, we've already done some encoding.
encoded.append(s, current, oldLength);
return encoded.toString();
}
}

if (encoded == null) {
encoded = new StringBuilder();
}

if (nextToEncode > current) {
// Append allowed characters leading up to this point.
encoded.append(s, current, nextToEncode);
} else {
// assert nextToEncode == current
}

// Switch to "encoding" mode.

// Find the next allowed character.
current = nextToEncode;
int nextAllowed = current + 1;
while (nextAllowed < oldLength
&& !isAllowed(s.charAt(nextAllowed), allow)) {
nextAllowed++;
}

// Convert the substring to bytes and encode the bytes as
// '%'-escaped octets.
String toEncode = s.substring(current, nextAllowed);
try {
byte[] bytes = toEncode.getBytes(DEFAULT_ENCODING);
int bytesLength = bytes.length;
for (int i = 0; i < bytesLength; i++) {
encoded.append('%');
encoded.append(HEX_DIGITS[(bytes[i] & 0xf0) >> 4]);
encoded.append(HEX_DIGITS[bytes[i] & 0xf]);
}
} catch (UnsupportedEncodingException e) {
throw new AssertionError(e);
}

current = nextAllowed;
}

// Encoded could still be null at this point if s is empty.
return encoded == null ? s : encoded.toString();
}

/**
* Returns true if the given character is allowed.
*
* @param c
* character to check
* @param allow
* characters to allow
* @return true if the character is allowed or false if it should be encoded
*/
private static boolean isAllowed(char c, String allow) {
return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z')
|| (c >= '0' && c <= '9')
|| "_-!.~'()*".indexOf(c) != NOT_FOUND
|| (allow != null && allow.indexOf(c) != NOT_FOUND);
}
}