Skip to main content
knowledgecenter.2checkout.com

Authentication

Overview

Use the login method for the authentication process in the Avangate system.

Parameters

Parameters Type/Description
merchantCode Required (String)
  Your merchant identification code.
date Required (String)
  GMT ISO Date format (e.g. 2010-01-01 12:13:14)
hash Required (Object)
  Calculated HMAC_MD5 signature based on merchantCode and date, using your secret key.

Response

Parameters

Type/Description

sessionID

String

 

Session identifier, the output of the Login method. Include sessionID into all your requests. Avangate throws an exception if the values are incorrect.

Request

To create the HMAC_MD5 source string use your merchant code and the date of the request, prefixing them with the length in bytes of each respective value, along with your account’s secret key (for UTF-8 characters the length in bytes might be longer that the string length). For example:

Parameters

Type/Description

MerchantCode

Your merchant account code.

 

8AVANGATE

 

Date

2010-05-13 12:12:12

 

192010-05-13 12:12:12

 

HMAC source string

8AVANGATE192010-05-13 12:12:12

 

Secret key

SECRET_KEY

Calculated HMAC_MD5 signature based on MerchantCode and Date, using your secret key:

bf763db7d333e9c3038698cf59ada3e6

 

<?php

$host   = "https://api.avangate.com";
$client = new SoapClient($host . "/soap/5.0/?wsdl", array(
    'location' => $host . "/soap/5.0/",
    "stream_context" => stream_context_create(array(
        'ssl' => array(
            'verify_peer' => false,
            'verify_peer_name' => false
        )
    ))
));


function hmac($key, $data)
{
    $b = 64; // byte length for md5
    if (strlen($key) > $b) {
        $key = pack("H*", md5($key));
    }
    
    $key    = str_pad($key, $b, chr(0x00));
    $ipad   = str_pad('', $b, chr(0x36));
    $opad   = str_pad('', $b, chr(0x5c));
    $k_ipad = $key ^ $ipad;
    $k_opad = $key ^ $opad;
    return md5($k_opad . pack("H*", md5($k_ipad . $data)));
}

$merchantCode = "YOURCODE123"; 
//your account's merchant code available in the 'System settings' area of the cPanel: 
//https://secure.avangate.com/cpanel/account_settings.php

$key          = "SECRET_KEY"; 
//your account's secret key available in the 'System settings' area of the cPanel: 
//https://secure.avangate.com/cpanel/account_settings.php

$now          = gmdate('Y-m-d H:i:s'); //GMT date format)

$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash   = hmac($key, $string);

try {
    $sessionID = $client->login($merchantCode, $now, $hash);
}
catch (SoapFault $e) {
    echo "Authentication: " . $e->getMessage();
    exit;
}


  • Was this article helpful?