• Home
• API Reference
• Message Signing
• AddListToCampaign
• BatchRequest
• CallAborted
• CallCompleted
• CallRecordingReady
• CallStarted
• SendLeadStatus
• StartCallRequest

Message Signing

In order to ensure VoIP SP - to - VoIP Cloud authentication every message must contain HMAC hash which should be validated on both ends. Hash is calculated based on event data and encrypted with shared key stored on both VoIP SP and VoIP Cloud.

Message hash calculation:

1. Get SecretKey specified during WebHook registration
2. Get MessageBody to be signed
3. Calculate hash: Hash = HMAC_SHA256(SecretKey, MessageBody)

Adding message signature header:

1. Get hexadecimal representation of the message hash: HexHash = HEX(Hash)
2. Add request header
   • Name: 'ms-signature'
   • Value: 'sha256=' + HexHash

Message signature verification:

1. Get expected message hash
   1. Get 'ms-signature' header value
   2. Take the part going after 'sha256='
   3. Get byte array representation from the hexadecimal one
2. Compute actual message hash (see 'Message hash calculation' section)
3. Compare actual and expected hashes