Hashing
Some endpoints require a digital signature Hash to be sent with the body payload. This digital signature is used to verify and guarantee the authenticity of the request.
Hash is SHA1 hashing of body payload parameters and your Gameball account secret transactionKey. When Gameball receives a request with hashing, it computes the Hash value and compares it against the one sent with the request. If the two hashes match then the request processed, otherwise it will be rejected.
Hash is computed according to the below algorithm. Variables found in this algorithm must be equal to their equivalent values in the request payload.
Hash =sha1.ComputeHash(PlayerUniqueId+":"+yyMMddHHmmss+":"+Amount+":"+transactionkey)
Variable | Value |
|
|
| This is extracted from the request payload parameter transaction time without any separator. Time must be 24 format. For example: 200430163519 |
|
|
| Gameball account client salt key. |
For request that have no Amount or transaction time parameters. They are substituted in the algorithm by empty string. Below is an example showing the hashing of a request with no Amount.
Hash =sha1.ComputeHash(PlayerUniqueId+":"+yyMMddHHmmss+":"+""+":"+transactionkey)
Note: In case Amount value is 0, it is sent with a value of 0, not as an empty string.
Variable | Value |
|
|
| This is extracted required from from filter in |
| This is extracted required to filter in |
| Gameball account client salt key. |
For request that have no Amount or transaction time parameters. They are substituted in the algorithm by empty string. Below is an example showing the hashing of a request with no Amount.