Upon receipt of the request the API will:
- Generate the Request Signature. The API generates a Request Signature by hashing the HTTPVerb + ResourcePath + ApplicationKey using the Shared Secret as the HMAC key, storing the query parameters in the Query String in alphabetical order.
- Decode the Authorization Header. The Authorization Header is decoded using Base 64 and is compared to the Request Signature. When successfully matched the request is serviced; when unsuccessful an HTTP 401 Unauthorized code is returned.