Your EPS account
Sign in to view secure API documentation, update your account details, log support requests and much more.
Your email or password is incorrect. Please try again or reset your password.
If the issue persists please contact your EPS representative.
Reset your password
Please enter your email address below. We will send password reset instructions to the email associated with your EPS account.
Thank you
An email has been sent to your account email address with further instructions on how to reset your password.
API 金鑰驗證與存取
您需使用 HTTP 授權標頭才能在每個要求中傳輸 API 金鑰,與 SHA-512 簽章雜湊。簽章雜湊由 API 金鑰、共用密碼與 UNIX 時間戳記組成。
建立授權標頭
EPS 要求授權標頭使用以下格式:請注意,必須加上 EPS
前綴。此前綴可確保正確的授權規則套用至您的要求。
Authorization: EAN APIKey=yourAPIKey,Signature=sha512Hash,timestamp=yourUNIXTimestamp
您的 signature
值,為串連 API 金鑰、共用密碼、UNIX 時間戳記 (單位為秒) 的 Unsalted SHA-512 雜湊。
您的 timestamp
值,必須與用來產生 signature
的值相同。若提供不同的時間戳記值,EPS 將無法確認您的簽章雜湊值,且會拒絕您的要求。
以下是完整授權標頭的範例:
Authorization: EAN APIKey=dkc4wrkp7w58wx5v2jxen2kx,Signature=Mgup2Azf,timestamp=1476739212
驗證授權標頭
嘗試測試要求之前,請先針對 EPS 簽章產生器測試您的專屬程式碼。
注意:NTP 時間同步
EPS 會利用網路時間通訊協定 (NTP) 同步內部伺服器的時間。若您也使用 NTP,就不會發生時間同步方面的問題。大多數的現代作業系統都支援這項或類似的時間同步服務,請查看您的 OS 文件確認。系統接受時間戳記有合理的時差,容許任一端的伺服器時間戳記最多相差五分鐘。
簽章產生程式碼範例
PHP
$apiKey = "abcdefg"; $secret = "1a2bc3"; $timestamp = time(); $authHeader = 'Authorization: EAN APIKey=' . $apiKey . ',Signature=' . hash("sha512", $apiKey.$secret.$timestamp) . ',timestamp=' . time();
JavaScript
var crypto = require('crypto'); var request = require('request'); var apiKey = "123"; var secret="123"; var timestamp = Math.round((new Date().getTime()/1000)); var hash = crypto.createHmac('sha256', apiKey+secret+timestamp).digest('hex'); var authHeaderValue = 'EAN APIKey=' +apiKey+ ',Signature=' + hash + ',timestamp=' + timestamp;
Java
import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.Timestamp; import java.util.Date; String apiKey = "123"; String secret = "123"; Date date= new java.util.Date(); Long timestamp = (date.getTime() / 1000); String signature = null; try { String toBeHashed = apiKey + secret + timestamp; MessageDigest md = MessageDigest.getInstance("SHA-512"); byte[] bytes = md.digest(toBeHashed.getBytes("UTF-8")); StringBuilder sb = new StringBuilder(); for(int i=0; i< bytes.length ;i++){ sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)); } signature = sb.toString(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } String authHeaderValue = "EAN APIKey=" + apiKey + ",Signature=" + signature + ",timestamp=" + timestamp;
Python
import hashlib import datetime apiKey = "123" secret = "123" timestamp = str(int(time.time())); authHeaderValue = "EAN APIKey=" + apiKey + ",Signature=" + hashlib.sha512(apiKey+secret+timestamp).hexdigest() + ",timestamp=" + timestamp
Ruby
require 'digest' apiKey="123" secret="123" timestamp = Time.now.to_i toBeHashed = "#{apiKey}#{secret}#{timestamp}" signature = Digest::SHA2.new(512).hexdigest(toBeHashed) authHeaderValue = "EAN APIKey=#{apiKey},Signature=#{signature},timestamp=#{timestamp}"
C#
String apiKey = "123"; String secret = "123"; TimeSpan epochTicks = new TimeSpan(new DateTime(1970, 1, 1).Ticks); TimeSpan unixTicks = new TimeSpan(DateTime.UtcNow.Ticks) - epochTicks; double unixTime = (int)unixTicks.TotalSeconds; var toBeHashed = apiKey + secret + unixTime; var bytes = System.Text.Encoding.UTF8.GetBytes(toBeHashed); using (var hash = System.Security.Cryptography.SHA512.Create()) { var hashedInputBytes = hash.ComputeHash(bytes); var hashedInputStringBuilder = new System.Text.StringBuilder(128); foreach (var b in hashedInputBytes) hashedInputStringBuilder.Append(b.ToString("X2")); var signature = hashedInputStringBuilder.ToString(); var authHeaderValue = "EAN APIKey=" + apiKey + ",Signature=" + signature +",timestamp=" + unixTime; }
Perl
use strict; use Crypt::Digest::SHA512 qw(sha512_hex); my $apiKey = '123'; my $secret = '123'; my $timestamp = time; my $sig = sha512_hex($apiKey . $secret . $timestamp); my $authHeaderValue = "EAN APIKey=".$apiKey.",Signature=".$sig.",timestamp=".$timestamp; print $authHeaderValue;
保護您的共用密碼
請謹慎保管此密碼,因為提供給您的共用密碼,對於防護要求資料的安全非常重要。切勿在任何可公開存取的網站或應用程式程式碼中,加入原始值。若您已獲准整合 EPS Rapid,便會向您提供共用密碼與 API 金鑰。
EPS Home | EPS Portal Login | Expedia Partner Central | Advertise with Expedia | News | Privacy Policy | Cookie Policy
© 2020 Expedia, Inc. All Rights Reserved.