Sign verification
To ensure the data is from Track123, it's recommended to verify the data signature (or you can directly parse the POST data without verification). The security authentication process is as follows:
Extract the
timestampandsignatureparameters from HTTP Header.Use your Track123 Token and the
timestamp(in plain text) to generate a signature, and compare it with the signature in the HTTP Header (signature algorithms: PHP uses SHA256, JAVA uses HmacSHA256).
Headers
Accept: application/json
X-Track123-Timestamp:1724750053243
X-Track123-Signature:xxxxxxxxxxxxxxxx
Content-Type: application/json
Body
{
"carrierInfo": {
"code": "royal-mail",
"homePage": "https://www.royalmail.com/",
"logo": "https://example.png",
"name": "Royal Mail",
"phone": "+44 3457740740",
"queryLink": "https://www.royalmail.com/track-your-item#{trackingNo}"
},
"customerName": "Thomas Von",
"deliveryDate": "2024-01-10 16:15:00",
"email": "deming@gojitech.co",
"fulfillmentDate": "2024-03-14 08:14:50",
"lastTrackingTime": "2024-01-10 16:15:00",
"orderName": "#Ab1021",
"orderNumber": 1021,
"orderTags": "tag1",
"phone": "+8614452112",
"shippingAddress": {
"shippingAddress": "50 Power Street",
"shippingCity": "Toronto",
"shippingCountry": "Canada",
"shippingCountryCode": "CA",
"shippingProvince": "Ontario"
},
"storeUrl": "demo.myshopify.com",
"trackingNumber": "YT122315645615",
"transitDays": 4,
"transitStatus": "Delivered",
"transitSubStatus": "Delivered",
"trackInfo":[
{
"eventTime":"2024-01-10 16:15:00",
"eventDetail":"Your express has been delivered",
"eventLocation":"US,CA,Fontana"
},
{
"eventTime":"2024-01-08 12:15:00",
"eventDetail":"Shipment in transit at US,CA,Fontana, please wait in patience",
"eventLocation":"US,CA,Fontana"
}
]
}Related article: Delivery Status and Substatus of Shipments in Track123