How can I connect with Sumsub?

💬 Queries and Resources
1

  • Goal: Make API calls to Sumsub endpoints

  • Steps: Before make any API call to Sumsub endpoints, I have to create a signature in HEX format and also I have to get the number of seconds since Unix Epoch. I have to create this logic as a template for any kind of query to Sumsub endpoints.
    Where can I add this javascript logic in order to be executed before each call?

Sumsub doc: Authentication

2 Likes
3

Hi @Dario! Welcome to the community. :slightly_smiling_face:

I thought this would be a straightforward problem to solve, but it ended up being more intricate than I expected. At a high level, you should define a custom authentication flow on the resource itself in order to avoid having to redefine these headers on every single request.

image
image1358×1066 82.9 KB

image
image1370×886 69.9 KB

You'll then reference those variables in the resource's headers.

image
image1362×616 20.5 KB

The somewhat tricky part is that you need to also define a refresh flow that recalculates the value of these variables on every request.

image
image1356×946 77.7 KB

image
image1360×892 69.4 KB

image
image1358×554 22.2 KB

I know that's a lot, but it should do what you need it to do! Let me know if you have any follow-up questions.

1 Like
4

Hello Darren!!!

Thank you for your reply!!! Let me test it and I will back you!

Kind regards!

1 Like
5

Hello,

I have a couple of questions:

  • Can I return an array in my response with both variables? I think so but could you clarify it to me please. Like "return [signature, timestamp]
  • To create the signature, I have to access to the current URL. What is the javascript variable where I can get the current method and the current URL?
  • I need some javascript libraries like "crypto" for HMACSHA256 encryption. I know that I can add some Libraries from settings in each App, but how can I test it from custom flow?
6

@Darren

7

Hello @Darren ,

Just following up on my previous questions.

Kind regards!

8

Hey @Dario! Thanks for your patience.

  • Yes, you can definitely return an array of values from a JS block.
    image
    image1368×1092 85.8 KB
  • Unfortunately, I don't think this is currently possible.
  • If you look back to the above screenshot, you'll see that it's possible to require and utilize common JS libraries.
9

Hello!!!

If I cannot access the current generated URL. Do you know how can I dynamically create the signature through the URL?

Regards!

10

Just to clarify, you need to know the full URL and HTTP method of the individual request when generating the authentication signature? I'm pretty sure that particular information is scoped to the query definition itself. As such, it might not be possible to configure the resource in such a way that it automatically generates the proper signature for all queries.

As a workaround, I might instead recommend defining a workflow that calculates the necessary signature, makes the API request, and then returns its response. You'd be able to pass in the necessary information - path, method, payload, etc. - when triggering the workflow, while still centralizing all authentication logic. If your org is already invested in AWS infrastructure, you could accomplish the same thing with SNS and Lambda.