Secure your mock APIs

Mocklets

Home Dashboard

Search…

Mocklets

Getting Started

Working with Collections

Managing Mock Apis

Manage your files

Open API Specifications 3.x

Integration with external editors

Response Headers

Monitor Request Logs

Secure your mock APIs

Important Links

Home

Dashboard

Secure your mock APIs

Secure your APIs against unauthorized use.

Now that Mocklets APIs are being used in production environment to manage Application Configuration and experiment with new features, there is a need to secure the APIs against unauthorized use.
Collections have a Private key associated to them. You will find it in Auth Credentials in Collection Settings dialog.
To set an API as secured, just select the option Mark API as Secure in API settings. 
That's it, your API is now secure! 
Now all the unauthorized requests to the above API will start failing.
​
Making Authorized requests
Once your API is set as secured, you cannot connect to it through unauthorized requests. In order to make an authorized request, you need to provide Auth headers with your requests.
X-Mocklets-PublicKey : PUBLIC_KEY
X-Mocklets-Checksum : b2b449452e99c7804585021971fb7a84
X-Mocklets-PublicKey
Public key is a string value used by client system to create the checksum. Public key is created by the client.
X-Mocklets-Checksum
To generate checksum, you have to create MD5 hash string for Public key (provided in X-Mocklets-PublicKey header) and Private key (from Mocklets collection settings) pair.
checksum = MD5_HASH(PUBLIC_KEY : PRIVATE_KEY)
​
Please refer the following code snippets to generate MD5 Hash.
Java
Kotlin
JavaScript
Python
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
.
.
String plainText = PUBLIC_KEY + ":" + PRIVATE_KEY;
​
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] hashInBytes = md.digest(password.getBytes(StandardCharsets.UTF_8));
​
StringBuilder builder = new StringBuilder();
for (byte bt : hashInBytes) {
    builder.append(String.format("%02x", bt));
}
​
String checksum = builder.toString();
import java.security.MessageDigest
.
.
val plainText = PUBLIC_KEY + ":" + PRIVATE_KEY
val bytes = MessageDigest.getInstance("MD5").digest(plainText.toByteArray())
​
val builder = StringBuilder()
for (bt in bytes) {
    builder.append(String.format("%02x", b))
}
​
val checksum = builder.toString()
const md5 = require('md5');
.
.
const checksum = md5(PUBLIC_KEY + ':' + PRIVATE_KEY);
import hashlib
.
.
md5 = hashlib.md5()
md5.update(PUBLIC_KEY + ":" + PRIVATE_KEY)
checksum = m.hexdigest()
​
You can also use online MD5 hash generator tools to create checksum value. One such tools is https://www.md5online.org. 
online MD5 generator

Monitor Request Logs

Last modified 2yr ago

Copy link