HMAC protected API and Postman request

I am trying to issue requests against an API which is HMAC protected.

I can successfully send a request using a HMAC auth plugin for HTTPie like this:

http --auth-type=hmackey --auth="key1:secret1" api_url

However, I've not had any success by issuing requests through Postman. I'm following the link below which explains how to use a pre-request script, but I'm always getting a 401:

https://github.com/acquia/http-hmac-postman

Any thoguhts?

Solution

If you want to create a hmac for the post request and set it to the header, simply use cryptoJs as below in the pre-request script.

const secret = 'your_secret';

var hash = CryptoJS.HmacSHA256(pm.request.body.toString(), secret);
var hashBase64 = CryptoJS.enc.Base64.stringify(hash);

console.log(hashBase64);

//set it to the environment variable
pm.environment.set("HmacContentSha", "hashBase64");

The environment variable HmacContentSha need to pass in the request header.

Restful FedEx Trade Document Upload API - Can't upload signature or letterhead images
Published on webserver core8 api works from POSTMAN and from weserver published frontend but ERR_CONNECTION_RESET from client browser
How to Set Up and Test Firebase Cloud Messaging (FCM) Push Notifications with HTTP v1 API Using Postman?
Postman Invalid characters in native dialog on Snap
Postman - collect variable
ReferenceError: b87b is not defined at HTMLButtonElement.onclick
Global Function access in Postman
Why do I get this error: Postman Error: Malformed part header?
Postman: add header in a pre-request script
How do I set express multer to accept images from nested fields and test it in postman?
Why my ASP.NET Core app complains about invalid certificate?
Microsoft Ads SubmitGenerateReport operation as AdPerformanceReportRequest returns RequiredColumnsNotSelected
Post man retuning null file, even file is uploaded
Pass array as query parameter in Postman
Using django with postman {"detail":"CSRF Failed: CSRF token missing or incorrect."}
WhatsApp template name does not exist in the translation
Call a Rest API without FE application for every 10mins
HTTP Request Returns 200 OK but No Content in Response in Spring Boot
POSTMAN not sending anything in the body in POST requests
Spring File Upload - 'Required request part is not present'
upload file springboot Required request part 'file' is not present
Postman: Required request part 'file' is not present
Signature expired: is now earlier than error : InvalidSignatureException
When using Jenkins/Newman/Postman how do you protect the client_id/client_secret credentials?
I am getting 404 error in postman with post method in laravel
UserNotFound Error for Existing Role in WSO2 IS 7.0.0 XACML Policy
connect ECONNREFUSED in Postman
Getting error 500 on DELETE request in Postman
How can I call with Postman a RESTful API deployed with Gradio?
ASP.NET Core Web API trying to upload file and store in database: ERROR: 415: Unsupported Media Type