This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to use HMAC - on-prem OPDK 4.50.00

on ‎04-06-2021 10:50 PM

API-Evangelist
Silver 5
Silver 5
1 1 323

Learnt something interesting so sharing on the usage of HMAC on-prem OPDK 4.50.00

The HMAC policy is available in the management server and the runtime for OPDK 4.50.00, but it does not appear in the policy chooser. You'll have to add the HMAC policy XML manually or create the API Proxy bundle on Edge Cloud UI where policy is available in the UI, export it and import to your OPDK.

Hope to soon see in UI in next release..

https://docs.apigee.com/api-platform/reference/policies/hmac-policy

Just drop any policy and replace the content with HMAC policy xml to show-up(sample reference). It will look like below once it is saved & it works as expected(tested few scenarios including new lines).

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<HMAC name="Generate-HMAC">
    <Algorithm>SHA256</Algorithm>
    <SecretKey ref="private.secretkey"/>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <!-- optional -->
    <!--
    The "message" can include fixed and multiple variable parts,
    including newlines and static functions.
    Whitespace is significant.
   -->
    <Message>{request.content}</Message>
    <!-- default encoding is base64 -->
    <Output encoding="base64">hmac</Output>
</HMAC>

Make sure to update the policy step with the name as it may refer to initial policy which was created.

example:

<Step> <Name>Generate-HMAC</Name> </Step>

Hope it helps who is wondering about HMAC policy..

hmac.png

Preview file
5 KB
Topic Labels
Comments
dchiesa1
Staff
‎04-07-2021 07:48 AM

Thanks for the post, Vinay!

Version history
Last update:
‎04-06-2021 10:50 PM
Updated by:
Silver 5