The system works using an MD5 hash "signature" parameter:

  • there's a new parameter "Signature" which you'll need to add to all API requests
  • this signature is generated by doing an MD5 hash of the request's query string (sorted alphabetically) concatenated with your secret key
    Sample: MD5.getHash("ApiKey=partnerKeyParamA=ValAParamB=ValB"+partnerSecret)
  • Note that there is no space between the the value of one param and the key of the next.
  • the secret key is just that -- secret. It should NEVER be passed in as a parameter -- it should be stored on the partner's side and never disclosed/emailed publically for any reason.

Im hoping to get some updated samples shortly.