Example in Node.js

function randomString(length) {
var chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
var result = '';
for (var i = length; i > 0; --i) result += chars[Math.round(Math.random() * (chars.length - 1))];
return result;
}

function createSignature(text)
{
var crypto = require('crypto');
var hash = crypto.createHash('md5').update(text).digest('hex');
return hash;
}

var token = "42f94ba7c9bi4b8887b66baa8a567c28";
console.log('Token:\n' + token);

var secret = "2c9e39f72f434a8";
console.log('Secret:\n' + secret);

var request = "http://site.meridix.se/api/customer/listcustomers";
console.log('Request URL:\n' + request);

var nonce = randomString(8);
console.log('Nonce:\n' + nonce);

require('date-utils');
var now = new Date();
var utc = new Date(now.getTime() + now.getTimezoneOffset() * 60000);
var timestamp = utc.toFormat('YYYYMMDDHH24MISS');
console.log('Timestamp:\n' + timestamp);

var parameters = [
'auth_nonce=' + nonce,
'auth_timestamp=' + timestamp,
'auth_token=' + token
];
parameters.sort();

var parametersConcated = parameters.join('&');
console.log('ParametersConcated:\n' + parametersConcated);

var parametersConcatedEncoded = encodeURIComponent(parametersConcated);
console.log('ParametersConcatedEncoded:\n' + parametersConcatedEncoded);

var requestEncoded = encodeURIComponent(request);
console.log('RequestEncoded:\n' + requestEncoded);

// IMPORTANT - The GET&-prefix must be change to POST& etc. when using different HTTP Verbs than GET.
var verbRequestQuery = 'GET&' + requestEncoded + '&' + parametersConcatedEncoded + '&' + secret;
console.log('VerbRequestQuery:\n' + verbRequestQuery);

var signature = createSignature(verbRequestQuery);
console.log('Signature:\n' + signature);

var signedRequest = request + '?' + parametersConcated + '&auth_signature=' + signature;
console.log('SignedRequest:\n' + signedRequest);