Link Signing

Each survey link can be signed by Prodege. The signature can then be verified within your system to ensure the signature is legitimate. Please consult with your Prodege representative to enable link signing. The signature scheme will be built based on the following formula where StringToSign consists of all parameters included in the URL, in alphabetical order, and concatenated by a colon (:). The SecretKey will be provided to you by Prodege.

Base64( SHA256( UTF-8-Encoding-Of(SecretKey + “:” + StringToSign) ) ),

Example

Base URL:

https://www.mysurveys.com/survey

Parameters:

a_variable=12345, b_variable=54321, c_variable=1ab2c3d4e5, d_variable=5e4d3c2b1a

Secret Key:

abcdef123456

In this example, the signature would be calculated as follows:

Base64(SHA256(UTF-8-Encoding-Of(abcdef123456:a_variable=12345:b_variable=54321:c_variable=1ab2c3d4e5:d_variable=5e4d3c2b1a)))

End Result:

https://www.mysurveys.com/survey?a_variable=12345&b_variable=54321&c_variable=1ab2c3d4e5&d_variable=5e4d3c2b1a&signature=4E-yZ3M3AjthWeVFNeAK3LYbXbVMbZKUbpt4Iudf3qw

Note: As the result of SHA256 can have characters that cannot be passed un-encoded as a query string parameter, the following character replacements must be made: