Skip to main content

Developer Docs: Signature Generation

The Pixelbin API uses an authentication signature that should be added to the request headers.

Error

If not present, Pixelbin throws Invalid Signature error.

Steps to generate the authentication signature

  1. You will require the following details to generate the signature:

    • REQUEST_METHOD: The HTTP method.
    • REQUEST_PATH: request path without any query params. Example: /service/platform/assets/v1.0/listFiles.
    • REQUEST_QUERY: Query params sorted by keys. Example: pageNo=1&sort=name.
    • BODY_HASH: Create body hash using sha256 and convert it to a string. Body is omitted from signing if request Content-Type is multipart/form-data. In that case, an empty string "" is used for generating the BODY_HASH. If the body is an JSON object, it is first stringified and then hashed.
    • HEADERS: host and x-ebg-param.
    • PIXELBIN_TIMESTAMP: Format the timestamp ISO string 2022-06-27T10:27:32Z to 20220627T120042Z
    • HEADERS_KEY_VALUE_PAIRS: The key values will be separated by : and each pair will be separated by \n. Example:
      host:api.pixelbin.io\nx-ebg-param:20220627T120042Z
    • HEADER_KEYS: The header keys separated by ;. Example:
      host;x-ebg-param

  2. Create the following string:

    {REQUEST_METHOD}\n{REQUEST_PATH}\n{REQUEST_QUERY}\n{HEADERS_KEY_VALUE_PAIRS}\n{HEADER_KEYS}\n{BODY_HASH}

    Example:

    GET\n/service/platform/assets/v1.0/listFiles\nformat=jpeg&name=cat&onlyFiles=false&onlyFolders=false&pageNo=1&pageSize=10&path=cat-photos&sort=name&tags=animals&tags=cats\nhost:api.pixelbin.io\nx-ebg-param:20220627T120042Z\n\nhost;x-ebg-param\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    which will be rendered as

    GET
    /service/platform/assets/v1.0/listFiles
    format=jpeg&name=cat&onlyFiles=false&onlyFolders=false&pageNo=1&pageSize=10&path=cat-photos&sort=name&tags=animals&tags=cats
    host:api.pixelbin.io
    x-ebg-param:20220627T120042Z

    host;x-ebg-param
    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

  3. The above string is hashed using sha256 and converted to a string. Note that the sha256 hash is generated in lower case. HASHED_STRING:55800dccfcfaf15a79ee14cbe6b2f22d79cd7fca1186d24650f5db0618d05446 is then used with PIXELBIN_TIMESTAMP as shown:

    {PIXELBIN_TIMESTAMP}\n{HASHED_STRING}

    Example:

    20220627T120042Z\n55800dccfcfaf15a79ee14cbe6b2f22d79cd7fca1186d24650f5db0618d05446

  4. Now generate a hmacSHA256 hash with 1234567 as key and the string generated in step 4 as message and prepend v1: to it. Note that the hmacSHA256 hash is generated in lower case. This is the Pixelbin Signature.

    Example:

    v1:11388dc17d87288cf6d369b3de5fb1a63e2c1f623cec0ba84463e925843234c2

  5. The Pixelbin Signature should be added to x-ebg-signature header and the PIXELBIN_TIMESTAMP should be added in base64 encoding to x-ebg-param header.

    Example:

    headers["x-ebg-signature"]="v1:11388dc17d87288cf6d369b3de5fb1a63e2c1f623cec0ba84463e925843234c2"
    headers["x-ebg-param"]="MjAyMjA2MjdUMTIwMDQyWg=="

Transform and enhance your images using our powerful AI technology. Organize your images in more efficient manner and our extensible APIs enables seamless integration with your system unleashing the power of our platform. Join the large community of users who use PixelBin to transform their image libraries and achieve excellent performance

Find us on

#MadeInIndia | ©2025 Shopsense Retail Technologies Limited

Is this page useful?