Security Token

Security Token

Security Token

Raaft takes your application security very seriously. That's why we safeguard all communication between your site and Raaft not only with SSL but with 256 bit HMAC tokens.

What is an HMAC token?

If you want all the details of HMAC, you can read about it here. Simply put, an HMAC token is a unique password generated in a specific way by your server and sent with every request to Raaft. Whenever Raaft receives instructions to do something on your account, it checks that the password is correct.

How do I generate the token?

Calculating a HMAC token is simple. All you need is your user's subscription-id, a secret key and a few lines of code. Sample code for several server-side languages is available in the connection wizard. For security purposes, the token must be calculated server-side.

How do I use the token?

Once the token is calculated, you simply include it when you launch your flow.