HMAC Authorization Header

Posted by Anonymous (not verified) on October 18, 2017 in General discussion

Hello!
Does iCIMS Support HMAC Authorization only for iCIMS outbound Event Notifcations? Or can this be used in replacement of a Basic Authorization header for search API queries?

Thanks!

Submitted by iCIMSUNIFIL on October 18, 2017 Permalink

HMAC can be used in place of a Basic Auth for API Calls. Here are two example iCIMS Outbound POSTS:

HMAC:

Log Message:
Outbound notification
POST /icims/remotelogin HTTP/1.1
Connection: close
Link: https://api.icims.com/customers/6268/people/244;rel="user";title="Posting User",
x-icims-date: 2017-10-18T14:53:40+0000
x-icims-content-sha256: b5ce232084d42376299a7d4d4f1ac4f03b699012074a07d11aa577c9fef28233
Content-Type: application/json
Host: qa.i9complete.com
Authorization: x-icims-v1-hmac-sha256 user=icimsremotelogin_i9everifysandbox,signedheaders=content-type;host;x-icims-content-sha256;x-icims-date,signature=b0d79e9f65b6bb16515ac82bd415aec7f5ef655aef94b7f66a6a2e0959680733
X-NewRelic-ID: UQMFUFdUGwsHVllVDwY=
X-NewRelic-Transaction: PxQCV1NWWVcCBVdbVQNUBAUEFB8EBw8RVU4aVw4NAVNXV1hXCAMBAQZXAkNKQQ0LCAcAUgVXFTs=
Content-Length: 237
User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_141)
Accept-Encoding: gzip,deflate

{"systemId":"244","customerId":"6268","links":[{"rel":"user","title":"Posting User","url":"https://api.icims.com/customers/6268/people/244"}],"eventType":"RemoteLoginEvent","returnUrl":"https://i9everifysandbox.icims.com","userId":"244"}

Basic:

Log Message:
Outbound notification
POST /pwslogin/Resources.svc/rest/json?source=icims HTTP/1.1
Connection: close
Link: https://api.icims.com/customers/6271/applicantworkflows/1479;rel="applicantWorkflow";title="Applicant Workflow",https://api.icims.com/customers/6271/jobs/1181;rel="job";title="Job Profile",https://api.icims.com/customers/6271/people/1930;rel="person";title="Person Profile",https://api.icims.com/customers/6271/people/1566;rel="user";title="Posting User",
Authorization: Basic QXN1cmludDIwMTU6aW9EMGFUN2JiM3FnRm9n
X-NewRelic-ID: UQMFUFdUGwsHVllVDwI=
X-NewRelic-Transaction: PxRUUABbDQVUXVlXVVMAXgEAFB8EBw8RVU4aAQleDAcFAQBZBANRVVxTBkNKQQ0GAlxWAQRXFTs=
Content-Length: 588
Content-Type: application/json
Host: aws-dev.asurint.com
User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_141)
Accept-Encoding: gzip,deflate

{"jobId":"1181","systemId":"1479","newStatus":"24632","oldStatus":"2013","customerId":"6271","personId":"1930","links":[{"rel":"applicantWorkflow","title":"Applicant Workflow","url":"https://api.icims.com/customers/6271/applicantworkflows/1479"},{"rel":"job","title":"Job Profile","url":"https://api.icims.com/customers/6271/jobs/1181"},{"rel":"person","title":"Person Profile","url":"https://api.icims.com/customers/6271/people/1930"},{"rel":"user","title":"Posting User","url":"https://api.icims.com/customers/6271/people/1566"}],"eventType":"WorkFlowStatusChangeEvent","userId":"1566"}