Step 1 – Follow the Apply for access link to register for your API credentials.
Step 2 – You will receive an email once your application is approved with your api credentials.
Step 3 – You can configure your callback URL and maintain your credentials by following Maintain Credentials.
Step 4 - Implementation.
The HC System requires the API Key, a CorrelationId and passphrase, to be sent in the Headers with every request, this will be used to identify the calling system and to prevent Replay attacks.
The CorrelationId is a concatenated string of the current UTC Date Time in the format of “yyyyMMddHHmm” and 32 Random Generated Alphanumeric characters (0-9, A-Z, a-z). This should give a total length of 44 characters.
The next step is to create a HASH using HMACSHA256 of your API Key. The Secret used in this HASH must be the concatenation of your CorrelationId from 1 above and your secret.
Lastly convert this HASH value to a base64 string and pass it to the server as your passphrase.
The Following Headers must be included with every request: