Coupang Partners API uses authentication using HMAC. You have to send us the HMAC signature you created in the "Authorization" key of the request header of all Coupang Partners APIs.
Example of creating HMAC Signature
Java Example
package com.coupang.partners;
import org.apache.commons.codec.binary.Hex;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.TimeZone;
public class HmacGenerator {
//AccessKey and secretKey are delivered by Coupang at the beginning of the integration.
//You have to map and send the HMAC signature generated by the generation method to the "Authorization" key.
public String generate(String method, String uri, String accessKey, String secretKey) {
String[] parts = uri.split("\\?");
if (parts.length > 2) {
throw new RuntimeException("incorrect uri format");
} else {
String path = parts[0];
String query = "";
if (parts.length == 2) {
query = parts[1];
}
SimpleDateFormat dateFormatUtc = new SimpleDateFormat("yyMMdd'T'HHmmss'Z'");
dateFormatUtc.setTimeZone(TimeZone.getTimeZone("UTC"));
String datetime = dateFormatUtc.format(new Date());
String message = datetime + method + path + query;
String signature;
try {
SecretKeySpec signingKey = new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(signingKey);
byte[] rawHmac = mac.doFinal(message.getBytes(StandardCharsets.UTF_8));
signature = Hex.encodeHexString(rawHmac);
} catch (GeneralSecurityException var14) {
throw new IllegalArgumentException("Unexpected error while creating hash: " + var14.getMessage(), var14);
}
return String.format("CEA algorithm=%s,access-key=%s,signed-date=%s,signature=%s", "HmacSHA256", accessKey, datetime, signature);
}
}
}