Hash Creation in Postman

Ask the Experts and Postman Tips
1

Hi Team,

we are using the marvel developer APIs for QA hiring purpose but we observed hash issues, who we will create the hash in the API.
You can create account from “https://developer.marvel.com/account” website if doesn’t have already.

End Point: https://gateway.marvel.com:443/v1/public/characters
Error occurred and says

image
image1294×614 30.8 KB

To remove error, we need to give the public key as a parameter as highlighted below

image
image1421×843 173 KB

When I added public key as parameter, I got the error as “hash unavailable”
Could you please suggest how we can create hash parameter

image
image1262×609 35.5 KB

I found something from google but not exact the same

  • hash - a md5 digest of the ts parameter, your private key and your public key (e.g. md5(ts+privateKey+publicKey)
    CryptoJS.MD5(timestamp+privateKey+publicKey)

Could someone please let me know I can create hash from timestamp, private and public key.

2

Hey @aakashjain8693,

Welcome to the community :wave:

Actually, it asks you to send ts (timestamp) and apiKey and hash when sending requests. If the API key will be your public key hash, it should be timestamp + privateKey + publicKey as you said.

https://www.md5hashgenerator.com/ you can generate a sample hash here.

You can easily access information from this document. Authorizing and Signing Requests

image
image2262×1308 236 KB

You can hire me. I’m just kidding :sweat_smile:

3

Thanks, Got the missing points.
Definitely let me connect you for the hiring process :slight_smile:

Just for the reference, I created pre-request Script too.

const public1=pm.environment.get("public");
const private1=pm.environment.get("private");
const time=pm.environment.get("ts");
hash= CryptoJS.MD5(time+private1+public1).toString();
pm.environment.set('hash', hash);
console.log(hash);

Do you have any idea why we can not go ahead with timestamp value as “{{$timestamp}}” to get the system generated values?

1 Like
4

This would need to be replaced with const time=pm.environment.replaceIn("{{$timestamp}}"); if you wanted to use that dynamic variable in the request.

5

Script as

const public1=pm.environment.get("public");
const private1=pm.environment.get("private");
const time=pm.environment.replaceIn("{{$timestamp}}");
hash= CryptoJS.MD5(time+private1+public1).toString();
pm.environment.set('hash', hash);
console.log(hash);

Nope, Error introduced as

{
    "code": "InvalidCredentials",
    "message": "That hash, timestamp and key combination is invalid."
}
6

Without knowing what ts was in the environment variable and why you needed to change this to {{$timestamp}} - This code doesn’t really mean anything.

The code will create something with a timestamp, using that dynamic variable.

const public1 = pm.environment.get("public"),
    private1 = pm.environment.get("private"),
    time = pm.environment.replaceIn("{{$timestamp}}"),
    hash = CryptoJS.MD5(time + private1 + public1).toString();
    
pm.environment.set('hash', hash);

console.log({time})
console.log({hash})

Screenshot 2020-11-09 at 10.10.09
Screenshot 2020-11-09 at 10.10.091333×953 97.7 KB

It feels like using something that you don’t know how to use, as a portal for hiring someone new seems strange.

7

Thanks @danny-dainton.
Yup, Strange but org. looking into different perspective.

Anyway thanks for the solution. I was just looking for different views on ts hard code value as “1” and timestamp system generated encrypted code.

8

use MD5 HASH Generator to generate sample hash for testing.

1 Like
9

Hash creation has been one of the interesting topic around, so we created a Postman’s public collection for encryption and decryption using Crypto JS.

Run in Postman

Cheers :tada:

10

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.