I need to create a signature using a sha256 HMAC algorithm for my API request. The message to be encrypted is a concatenation of timestamp, uppercase http method, URI without hostname + request body if there is one.
I have tried the following:
const endpoint = pm.request.url.toString().split("{{BASE_URL}}").pop()
var ts = Math.floor(Date.now() / 1000)
var message = ts + pm.request.method.toUpperCase() + endpoint + pm.request.body
var hmac = CryptoJs.algo.HMAC.create(CryptoJs.algo.SHA256, "{{SECRET_KEY}}")
hmac.update(message)
var hash = hmac.finalize()
However the API refuses saying the signature does not match the request. In my analogous implementation using crypto I don't have any problems. What am I doing wrong?
Edit:
The Question How to implement hmacSHA256 with Javascipt using CryptoJS suggested in the comments is asking how to implement hmac from scratch using cryptojs - I am trying to understand why my usage of the inbuild cryptojs hmac function is not working
