Signing URLs

Some requests and payment links must be signed to prove that it was generated by you and not a fraudster.

Algorithm

The signature must be an HMAC-SHA1 of the URL path and query string, using your shared secret as the key. The resulting value must be base-64 encoded and appended to the query string with the parameter name "signature".

Example

If you need to sign the url https://secure.vend-o.com/v/signup?site=1&offers=123 with your shared secret 3HDW9B, the resulting signed URL will be:

https://secure.vend-o.com/v/signup?site=1&offers=123&signature=UrYz6hgkRcRHmPksyIjTt_jFJ-g

Vendo SDK for PHP

You can use Vendo's SDK for PHP to easily sign your requests to Vendo.

Steps

  1. Install the SDK using composer: composer require vendoservices/vendo-sdk.
  2. Check the code examples in the code repository.