Example in F#

From version 4.0 the recommended authentication method is JWT and not the URL signing described below

Example of how to sign a request in F#

F#

open System
open System.Text
open System.Security.Cryptography

let createSignature source =
	let bytes = Encoding.UTF8.GetBytes(source.ToString())
	let md5 = new MD5CryptoServiceProvider()
	let signatureBytes = md5.ComputeHash(bytes)

	let signature = (StringBuilder(), signatureBytes) ||> Seq.fold(fun sb b -> sb.Append(b.ToString("x2")))
	signature.ToString()

let token = "55f94bag59bd4b8865b66baa8b5aac28"
printfn "Token:\n %s\n" token

let secret = "2c5e395ggdff234a8"
printfn "Token:\n%s\n" token

let request = "http://site.meridix.se/api/customer/listcustomers"
printfn "Request:\n%s\n" request

let nonce = Guid.NewGuid().ToString().Substring(0, 8)
printfn "Nonce:\n%s\n" nonce

let timestamp = DateTime.UtcNow.ToString("yyyyMMddHHmmss")
printfn "Timestamp:\n%s\n" timestamp

let parameters = 
[
	"auth_nonce="+nonce;
	"auth_timestamp="+timestamp;
	"auth_token="+token
]

let parametersSorted = List.sort parameters

let parametersConcated = parametersSorted |> String.concat "&"
printfn "ParametersConcated:\n%s\n" parametersConcated

let paramatersConcatedEncoded = Uri.EscapeDataString(parametersConcated)
printfn "ParamatersConcatedEncoded:\n%s\n" paramatersConcatedEncoded

let requestEncoded = Uri.EscapeDataString(request)
printfn "RequestEncoded:\n%s\n" requestEncoded

// IMPORTANT - The GET&-prefix must be change to POST& etc. when using different HTTP Verbs than GET.
let verbRequestQuery = "GET&" + requestEncoded + "&" + paramatersConcatedEncoded + "&" + secret
printfn "VerbRequestQuery:\n%s\n" verbRequestQuery

let signature = createSignature verbRequestQuery
printfn "Signature:\n%s\n" signature

let signedRequest = request + "?" + parametersConcated + "&auth_signature=" + signature;
printfn "SignedRequest:\n%s\n" signedRequest

Documentation of ||> http://msdn.microsoft.com/en-us/library/ee340237.aspx