{"_id":"54cfb63b3995cf0d0006f6de","parentDoc":null,"version":{"_id":"54cc2148380ecd0d00ca18aa","__v":2,"forked_from":"5436a1e1d0ffee0e00f18f8f","project":"5436a1e1d0ffee0e00f18f8c","createdAt":"2015-01-31T00:26:48.753Z","releaseDate":"2015-01-31T00:26:48.753Z","categories":["54cc2149380ecd0d00ca18ab","54cc2149380ecd0d00ca18ac","54cc2149380ecd0d00ca18ad","54cc2149380ecd0d00ca18ae","54cc2149380ecd0d00ca18af","54cc2149380ecd0d00ca18b0","54cc2149380ecd0d00ca18b1","54cc2149380ecd0d00ca18b2","54cc2149380ecd0d00ca18b3","552f29ca633a5b0d00e99d09"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.1.0","version":"1.1"},"user":"5436a1afb7cf0e1c0020d9ca","__v":3,"category":{"_id":"54cc2149380ecd0d00ca18b3","project":"5436a1e1d0ffee0e00f18f8c","version":"54cc2148380ecd0d00ca18aa","__v":4,"pages":["54cc2149380ecd0d00ca18b8","54cfa9ebbba1a0230087417e","54cfb63b3995cf0d0006f6de","55b40c415e6f140d0088fd71"],"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2014-10-31T17:07:44.342Z","from_sync":false,"order":8,"slug":"net-client","title":".Net Client"},"project":"5436a1e1d0ffee0e00f18f8c","updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-02-02T17:39:07.507Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"auth":"required","params":[],"url":""},"isReference":false,"order":3,"body":"The ShippingEasy API will hit your callback URL when an order, or a part of an order, has been shipped. The request to the callback URL will be also signed with the same shared secret found in the store's API settings. We highly recommend you verify the signature, to ensure the request is from ShippingEasy.\n\nThe package provides an Authenticator to handle verifying the signed request from ShippingEasy. Here's an example of how to use it:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"string apiSecret = \\\"850fd4e023478758360b0d1d1817448f0a57b3176be25ffe8a7cf2236eca9ec3\\\";\\nvar authenticator = new ShippingEasy.Authenticator(apiSecret);\\nbool verified = authenticator.Verify(\\\"POST\\\", \\\"/callback\\\", \\\"\\\", \\\"{\\\\\\\"shipment\\\\\\\":{\\\\\\\"id\\\\\\\":\\\\\\\"1234\\\\\\\"}}\\\");\",\n      \"language\": \"csharp\"\n    }\n  ]\n}\n[/block]\nThe arguments for the method are:\n\n* **httpMethod** - The HTTP method used for the request. Can usually be retrieved from System.Web.HttpContext.Current.Request.HttpMethod\n* **path** - The path without querystring for the request. Can usually be retrieved from Request.Path\n* **queryString** - The querystring for the request. Can usually be retrieved from Request.QueryString.ToString()  or Request.ServerVariables[\"QUERY_STRING\"]\n* **requestBody** - The payload posted to the callback endpoint","excerpt":"","slug":"callback-authentication-1","type":"basic","title":"Callback Authentication"}

Callback Authentication


The ShippingEasy API will hit your callback URL when an order, or a part of an order, has been shipped. The request to the callback URL will be also signed with the same shared secret found in the store's API settings. We highly recommend you verify the signature, to ensure the request is from ShippingEasy. The package provides an Authenticator to handle verifying the signed request from ShippingEasy. Here's an example of how to use it: [block:code] { "codes": [ { "code": "string apiSecret = \"850fd4e023478758360b0d1d1817448f0a57b3176be25ffe8a7cf2236eca9ec3\";\nvar authenticator = new ShippingEasy.Authenticator(apiSecret);\nbool verified = authenticator.Verify(\"POST\", \"/callback\", \"\", \"{\\\"shipment\\\":{\\\"id\\\":\\\"1234\\\"}}\");", "language": "csharp" } ] } [/block] The arguments for the method are: * **httpMethod** - The HTTP method used for the request. Can usually be retrieved from System.Web.HttpContext.Current.Request.HttpMethod * **path** - The path without querystring for the request. Can usually be retrieved from Request.Path * **queryString** - The querystring for the request. Can usually be retrieved from Request.QueryString.ToString() or Request.ServerVariables["QUERY_STRING"] * **requestBody** - The payload posted to the callback endpoint