Open in app

Sign in

Write

Sign in

Walmart.io Affiliate Signature Header Generation in NodeJS

J. Cookie (they/them)
2 min readOct 15, 2022

--

Annoyed with WM_SEC.AUTH_SIGNATURE like I was? Read on!

TL;DR

You can use the code in this gist to generate your Walmart Affiliate API headers.

NOTE: if you have problems, try a Production consumer id.

I am working on a project with a friend which necessitates accessing the Walmart Affiliate API.

The documentation above references the additional headers which have to be added to each request, including an encrypted signature header.

They provide an example of generating the signature in Java, but not in any other language.

But I’m not using Java for the back-end here, I’m using NodeJS. What to do?

First principles: this should be a solved problem. Time for a web search.

That led to this article on Medium — Guide: How to use the Walmart Affiliate API with NodeJS. Awesome!

But I still had problems when I followed the guide, so with all due credit to Jelle Van de Vliet, the following is my expanded guide.

Key Generation

Getting started with the API requires generating public and private keys. For our example code, it is easier to have an unencrypted RSA private key. Following the instructions that Walmart provides, we’ll be left with some PKCS8 keys in `.pem` files.

We want a PKCS1 private RSA key to use with the NodeRSA package, so we’ll add an additional step. The complete ‘script’ follows:

If you’ve already generated your key, this is the only command you’ll need:

Consumer ID Creation

In order to use the API with the key pair you just generated, you’ll need to upload your public key (copied to your clipboard as the last command above, so repeat that command if you don’t have the key in your clipboard).

Walmart’s instructions on how to do this are fine … except … they don’t mention that the example API calls require Production Consumer IDs.

So when you upload your public key, choose the “Production” environment.

Generating Headers to Sign API Requests

The following is the code that I use to generate my Walmart Affiliate API request headers:

To restate what is written in Jelle’s guide, these are the required steps to generate the signature:

  1. Create a string concatenating the values which will be sent as WM_CONSUMER.ID , WM_CONSUMER.TIMESTAMP, and WM_SEC.KEY_VERSION — in that order — with a newline after each item.
  2. Create an instance of NodeRSA , providing your private key.
  3. Using the instance to .sign the signature source string, creating a buffer.
  4. Encode the buffer as a base64 string in order to use it in your headers.

Following creating the signature, you must create the headers. For ease, I do both at the same time.

Refer to this gist for a full example.

Conclusion

Once you can generate the signature header, you’re all set to use the Walmart.io Affiliate API.

Happy coding!

Walmart
API
Nodejs
Signature
Rsa

--

--

J. Cookie (they/them)
J. Cookie (they/them)

Written by J. Cookie (they/them)

27 Followers
24 Following

With a passion for user experience and helping people, while proficient in the full stack, they currently focus on Front End development.

Responses (1)

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams