Introduction
AutoProctor uses HMAC with SHA256 for Authentication. Your CLIENT_SECRET is
the key for HMAC, and the relevant parameter is the message. Also, every
request must carry your CLIENT_ID. So, if you are, say, getting the results
for a testAttemptId, the request will carry the following:
CLIENT_IDtestAttemptId- Hash (HMAC) of
testAttemptId
Given any message, the hash is the SHA256 hash with the CLIENT_SECRET as the
HMAC key.
Client Libraries for calculating the hash
In the editor below, we show how to calculate the hash of the Test Attempt ID for a few different languages.
Compute SHA-256 HMAC
The tool below helps you calculate and verify the hashes for different messages (test attempt IDs, in this case). We provide this here to make it easy for you to verify that the hash value you calculate at your end matches what we expect.
The Credentials Object
As you will see in the next sections, to conduct a test or render its results, you will call methods on an AutoProctor object. To initialize this object, you will need to pass an object that contains these variables. We call this the credentials object. It contains the following keys:
| Key | Value | Required | Description |
|---|---|---|---|
|
| Yes | Unique identifier for your organization. Provided by AutoProctor. |
|
| Yes | The test attempt ID as identified by your database. (max 40 characters) |
|
| Yes | The hash of |