Construct Signature

Method to construct signature variable from the payload

Option 1

If userId is sent in InitConfig then the callback signature will be constructed the following way:

Data required to generate signature:

  1. transactionId

  2. userId

  3. secretKey

The signature variable is calculated by taking the MD5 hash of transactionId, userId, secretKey separated by colons. In Python, it can be calculated using the code snippet below:

import hashlib
signature = hashlib.md5(f"{transactionId}:{userId}:{secretKey}".encode('utf-8')).hexdigest())

Option 2

If clientId is sent in InitConfig then the callback signature will be constructed the following way:

Data required to generate signature:

  1. transactionId

  2. clientId

  3. secretKey

The signature variable is calculated by taking the MD5 hash of transactionId, clientId, secretKey separated by colons. In Python, it can be calculated using the code snippet below:

import hashlib
signature = hashlib.md5(f"{transactionId}:{clientId}:{secretKey}".encode('utf-8')).hexdigest())

NOTE:

ArcPlay will send a signature variable in the postback payload as an Auth token. The publisher server must recalculate the signature and match it to the signature sent to securely validate the transaction. The secretKey will be shared with by the ArcPlay Customer Success Team. Each application should have a unique secretKey. Please do not use the same secretKey for all of your applications, as this might lead to a situation where rewarding the user in one application will also reward the user in another application.

Last updated