How to get Authorization Key?

[Kushal Modi]

I want to add signature on petition functionality on my application.

I have read documents. Authorization Keys is mandatory to add signature on any petition.

I am not able to understand correct procedure to get Authorization Keys.

What should I put in source field and callback_endpoint field.

Can you please explain it with some real time example?

Please check my below query which I used to get Authorization Key.

POST : https://api.change.org/v1/petitions/petitionID/auth_keys

api_key : my API KEY

source_description : Youtube Demo

source : www.youtube.com/watch?v=66mrE9gDVFg

requester_email : kushal...@gmail.com

callback_endpoint : http://requestb.in/zekjygze

I use only above parameters to get Authorization Key.

Please help me if I need to add more parameters.

Please help me if I need to correct value of any parameter.

Please help me to understand "source" parameter.

Thanks in advance.

Kushal Modi.

[Azraar Azward]

Hi, 

Try this code, i just used it yesterday to get my auth key.  Read the comments in the code to understand why each of it is used. Make sure you use the correct email address associated with your API key to requester_email

$api_key = '1a1fdd375286e22801c0da1416d477e0608f5db275301cbe55f1b5314b791ABC';
$secret_token = '7a38898cf6a85e8222cfb55ce2aea60186980353af5ce539dafccd5a3ca1aABC';
$petition_id = 3776824;
$host = 'https://api.change.org';
$endpoint = "/v1/petitions/$petition_id/auth_keys";
$request_url = $host . $endpoint;
$params = array();
$params['api_key'] = $api_key;
$params['source_description'] = 'This is a test description.'; // Something human readable.
$params['source'] = 'test_source'; // Eventually included in every signature submitted with the auth key obtained with this request.
$params['requester_email'] = 'azr...@gmail.com'; // The email associated with your API key and Change.org account.
$params['timestamp'] = gmdate("Y-m-d\TH:i:s\Z"); // ISO-8601-formtted timestamp at UTC
$params['endpoint'] = $endpoint;
// Build request signature and add it as a parameter
$query_string_with_secret_and_auth_key = http_build_query($params) . $secret_token;
$params['rsig'] = hash('sha256', $query_string_with_secret_and_auth_key);
// Final request body
$query = http_build_query($params);
// Make the request

$curl_session = curl_init();
curl_setopt_array($curl_session, array(
    CURLOPT_POST => 1,
    CURLOPT_URL => $request_url,
    CURLOPT_POSTFIELDS => $query,
    CURLOPT_RETURNTRANSFER => true
));
$result = curl_exec($curl_session);
$result = curl_exec($curl_session);
$json_response = json_decode($result, true);
print_r($json_response);

[Kushal Modi]

Hi Azraar Azward,

Thanks for your quick reply.

I resolved my query yesterday only. Now I am able to get Auth Key.

But somehow I am facing new problem today. :(

I want to add signature on a petition.

I have used below parameters to add a signature on petition.

POST : https://api.change.org/v1/petitions/1650315/signatures

api_key : my API KEY

auth_key : my Auth Key for petition 1650315

source : http://www.myblog.com/posts/a-post-about-a-petition (same which I used to get Auth Key)

email : viral30s...@gmail.com

timestamp : 2015-08-12T06:50:00Z

endpoint : /v1/petitions/1650315/signatures

first_name : Viral

last_name : Upa

city : Noida

postal_code : 201301

country_code : 91

rsig : my rsig(Created with same procedure as to get Auth Key)

I use only above parameters to get Signature on petition.

But I get below response.

{"result":"failure","messages":["Invalid request signature."]}

I doubt there is some problem in rsig value. Let me know how to generate rsig value to add signature on petition.

Please help me if I need to add more parameters.

Please help me if I need to correct value of any parameter.

Best Regards,

Kushal Modi.

[Kushal Modi]

Hi Azraar Azward,

I have got solution to add signature also.

Thanks for the help.

Best Regards,

Kushal Modi.

[Azraar Azward]

What was your solution? if you post it here, it will help others.

[Rob Weatherall]

Yes, please tell us your solution.
I am having same issue for a week

[ratne...@gmail.com]

Hello Azraar Azward ,

I have used your code but could not be able to get the authorization key for my petition Here is my code ,

$api_key = 'd40bc3a30f491ee2ebd20124b0039edb6dafb66397e9721789454df1393e8041';
$secret = '73f8fd7622aabd8ed40e205beb8f1345334850b8ec49f82fb1ef0acb01fc329a';
$petition_id = 8687210;

$host = 'https://api.change.org';
$endpoint = "/v1/petitions/$petition_id/auth_keys";
$request_url = $host . $endpoint;
$params = array();
$params['api_key'] = $api_key;

$params['source_description'] = 'YouTube video'; // Something human readable.
$params['source'] = 'http://www.youtube.com/watch?v=AayLwwvn77s'; // Eventually included in every signature submitted with the auth key obtained with this request.
$params['requester_email'] = 'watson....@gmail.com'; // The email associated with your API key and Change.org account.

$params['timestamp'] = gmdate("Y-m-d\TH:i:s\Z"); // ISO-8601-formtted timestamp at UTC
$params['endpoint'] = $endpoint;
// Build request signature and add it as a parameter
$query_string_with_secret_and_auth_key = http_build_query($params) . $secret_token;
$params['rsig'] = hash('sha256', $query_string_with_secret_and_auth_key);
// Final request body
$query = http_build_query($params);
// Make the request

$curl_session = curl_init();
curl_setopt_array($curl_session, array(
    CURLOPT_POST => 1,
    CURLOPT_URL => $request_url,
    CURLOPT_POSTFIELDS => $query,
    CURLOPT_RETURNTRANSFER => true
));
$result = curl_exec($curl_session);

$json_response = json_decode($result, true);
print_r($json_response);

So please guide me in right direction