Signature Authentication (Recommended)

Discontinuing Push Notification Service TPNS

Announcements

Features

SDK for Android

SDK for iOS

SDK for macOS

Release Notes

Overview

Strengths

Use Cases

Global Deployment

Product Introduction

Billing Overview

Purchase Directions

Billing Modes

Free Trial

Payment Overdue

Purchase Guide

Creating Products and Applications

Quick Integration with Android

Quick Integration with iOS

Creating a Push Task

Querying Push Records

Guidelines for Push Testing Methods

Product Restrictions

Getting Started

Troubleshooting Tool

Conversion Funnel

Push Plan

Push Settings

Message Recall

Push Management

Multi-Package Name Push

Notification Tap-to-Redirect

Custom Push Speed

Channel Policies

Message Collapse

Rich Media Notification

Custom Notification

Push to Accounts

Advanced Push Features

Operation Guide 

iOS Badge Feature Practice

Practical Tutorial

API Overview

Basic Auth Authentication

Request Structure

Call Method

Push API

Creating a Push Plan

Account Package Upload API

Token Package Upload API

Push APIs

Tag Binding and Unbinding

Deleting All Devices Under Tag

Tag APIs

Account Binding and Unbinding

Account and Device Binding Query

Account APIs

Querying Daily Aggregated Push Statistics

Querying Device Statistics

Querying All Push Information in Specific Period

Querying Push Information for One Task

Querying Push Statistics for a Single Task

Querying Aggregated Statistics for Multiple Tasks

Querying All Push Tasks on the Day by Token

Statistics APIs

User Attribute APIs

Server-Side Error Codes

Server SDKs

API (Java)

API Documentation

SDK Integration

Vendor Channel Integration Guide

Vendor Channels

Android SDK FAQs

Compatibility with Android P

Error Codes

Android Integration Guide

Acquisition of Push Certificate

Push Environment Selection Description

Extension Feature

iOS SDK FAQs

iOS Integration Guide

Client Integration Plugin

Push Certificate Description

macOS Integration Guide

SDK Documentation

Quick Configuration

Advanced Custom Configuration

Resource Tag

Users and Permissions

Service Level Agreement

Service Agreement

Android

Flutter

Others

FAQs

Privacy Policy

Data Processing and Security Agreement

Developer Agreement

Tencent Push Notification Service Policy

Contact Us

Glossary

Tencent Push Notification Service

This document describes the signature authentication methods of Tencent Push Notification Service.

The HMAC-SHA256 algorithm is used to generate signing information according to 

. The authentication is performed by verifying the signature, which ensures higher security and is recommended.

 + request body to get the original string to sign:


String to sign = ${TimeStamp} + ${AccessId}} + ${request body}

 as the key to sign the original string to generate a signature:


Sign = Base64(HMAC_SHA256(SecretKey, string to sign))

In addition to the general headers, the HTTP request also needs to carry the current request timestamp, 

 information. The specific parameters are as follows:

The specific HTTP request message is as follows:

Sign: Y2QyMDc3NDY4MmJmNzhiZmRiNDNlMTdkMWQ1ZDU2YjNlNWI3ODlhMTY3MGZjMTUyN2VmNTRjNjVkMmQ3Yjc2ZA==

String to encrypt = 15653147891500001048{"audience_type": "account","message": {"title": "test title","content": "test content","android": { "action": {"action_type": 3,"intent": "xgscheme://com.xg.push/notify_detail?param1=xg"}}},"message_type": "notify","account_list": ["5822f0eee44c3625ef0000bb"] }

 in the string to sign must be exactly the same as the data in the message body, including spaces and encoding.

Generate a hexadecimal hash based on the key through the HMAC-SHA256 algorithm, i.e., 

secretKey =1452fcebae9f3115ba794fb0fff2fd73

hashcode = hmac-sha256(SecretKey, string to sign)

Result: hashcode="09f07d2a518a8814e369dcd9534f10b8a29d128531a19adaa28cb247605c1e84"

Base64-encode the hashcode to get the following signature string:

Sign="MDlmMDdkMmE1MThhODgxNGUzNjlkY2Q5NTM0ZjEwYjhhMjlkMTI4NTMxYTE5YWRhYTI4Y2IyNDc2MDVjMWU4NA=="

tencent cloud