Authentication for Register and Unregister

AirBop will authenticate requests to the server using the headers that are passed along with the request. If the headers do not match what AirBop expects then the request will be blocked.

Required Headers

When registering or unregistering with the AirBop servers, the following headers are required:

x-app-key
x-timestamp
x-signature
Content-Type

They are defined as follows:

x-timestamp

The timestamp of the message, sent as the number of seconds since the Epoch, January 1, 1970 00:00 UTC.

x-app-key

Your AirBop App Key, which is created automatically by AirBop when you create a new app. It is shown on your app's "Edit" tab.

x-signature

An SHA-256 hash constructed exactly as follows:

"POST" + request_uri + AIRBOP_APP_KEY + timestamp + request.body + AIRBOP_APP_SECRET

An example implementation of this can be found in the AirBop-Client sample. This is sometimes known as a HMAC.

Content-Type

This header parameter controls which format the AirBop servers will expect the body to be in (JSON or form url encoded). There are two options:

application/json

Or:

application/x-www-form-urlencoded

Section:: API
Last Updated:: 29 Oct, 2012 03:47 PM

Recent Discussions

	29 May, 2017 06:20 PM	How to group Applications in Airbop and send notifications?
	24 May, 2017 06:15 PM	How can I make my target url redirect through andromo to my webpage
	16 May, 2017 12:36 PM	Push
	10 May, 2017 12:30 PM	Registration
	08 May, 2017 01:13 PM	Error 401: GCM authentication error - Unable to configure Browser Key

Recent Articles

	Fixing Common Errors
	Messages
	How Does Google Cloud Messaging Work?
	What Are Push Notifications?
	How does GCM handle app uninstalls?

AirBop Support