Digital signature hashing algorithm 

Partner need to use digital signature to connect to gloTransfer API. Digital signature schemes can be used for Partner authentication and non-repudiation. Partner who wants to send an API request will need to generate a digital signature and sends along the digital signature with other parameters to the relevant API method. 

The digital signature will be hashed using MD5 message digest hashing algorithm. Partner will received a Security Key from Tranglo and the Security Key will be concatenated together with other parameter’s value to become a single line string message to form the digital signature. 

Hashing Instruction and Notes 

1. Partner will be given a security key that will be used to do MD5 hashing to form the digital signature. Please keep the security key safe and do not expose it. 
2. Each API method will be using different formula to concatenate the parameter’s value and the Security Key together to form as a single line string. The formula for each of the API method is described on section below. 
3. Once the concatenated string is formed, it will be hashed using MD5 algorithm to generate the digital signature. 
4. The generated digital signature will be inputted to the parameter “Credentials.Signature” for every API method for API authentication. 

Hashing Formula 

Table below shows how to concatenate the specific parameter’s value and together with the given Security Key to form the single line string. When concatenate each of the parameter’s value together, you do not need to add additional space, comma (,), line break and etc. in between the parameters’ value. 

Sample Digital Signature for Reference 

Partner can refer to below sample generated Digital Signature as reference and result comparison.