Set Up HTTP Signature Message

Setting up your HTTP signature message requires you to follow these steps.

Figure:

Set Up HTTP Signature Message Workflow
  1. Sign up and register a
    Cybersource
    Business Center
    sandbox account. See Sign Up for a Sandbox Account.
  2. Create a shared secret key. See Create a Shared Secret Key Pair.
  3. Construct a message using HTTP signature security. See Construct Messages Using HTTP Signature Security.
  4. (Optional) Enable the optional message-level encryption feature. See Enable Message-Level Encryption.
  5. Go live by signing up and registering a
    Cybersource
    Business Center
    production account. Going Live.

Create a Shared Secret Key Pair

Key pairs are used with HTTP Signature message security.
Set Up HTTP Signature Message

Construct Messages Using HTTP Signature Security

HTTP signatures use a digital signature to enable the receiver to validate the sender's authenticity and ensure that the message was not tampered with during transit. For more information about HTTP signatures, see the IETF Draft that is maintained by the IETF HTTP Working Group (https://httpwg.org).
Follow these steps to implement HTTP signatures:
  1. Create the shared secret key pair. See Create a Shared Secret Key Pair.
  2. Generate a hash of the message body. See Generate a Hash of the Message Body.
  3. Generate a signature hash. See Generate the Signature Hash.
  4. Populate the
    signature
    header field. See Update Header Fields.
Set Up HTTP Signature Message