# Authentication

Use the **login** method for the authentication process in the 2Checkout system.

## Parameters

<table><thead><tr><th width="146.2000732421875">Parameter</th><th>Type / Description</th></tr></thead><tbody><tr><td><code>merchantCode</code></td><td><strong>Required (string)</strong><br>Your merchant identification code.</td></tr><tr><td><code>date</code></td><td><strong>Required (string)</strong><br>GMT ISO Date format (e.g. 2010-01-01 12:13:14)</td></tr><tr><td><code>hash</code></td><td><strong>Required (string)</strong><br>Calculated HMAC_SHA256 signature based on <code>merchantCode</code> and <code>date</code>, using your secret key.</td></tr></tbody></table>

## Request parameters

To create the HMAC\_SHA256 source string use your merchant code and the date of the request, prefixing them with the length in bytes of each respective value, along with your account’s secret key (for UTF-8 characters the length in bytes might be longer than the string length).&#x20;

For example:

| Parameter                                                                                        | Type / Description                                                   |
| ------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------- |
| `merchantCode`                                                                                   | <p><strong>Your merchant account code.</strong><br>8AVANGATE</p>     |
| `date`                                                                                           | <p><strong>2010-05-13 12:12:12</strong><br>192010-05-13 12:12:12</p> |
| **HMAC source string**                                                                           | 8AVANGATE192010-05-13 12:12:12                                       |
| **Secret key**                                                                                   | SECRET\_KEY                                                          |
| **Calculated HMAC\_SHA256 signature** based on `MerchantCode` and `Date`, using your secret key: | bf763db7d333e9c3038698cf59ada3e6                                     |

### Request sample

```php
<?php

$host   = "https://api.2checkout.com";

$merchantCode = "YOURCODE123";
//your account's merchant code available in the 'System settings' area of the cPanel:
//https://secure.2checkout.com/cpanel/account_settings.php

$key          = "SECRET_KEY";
//your account's secret key available in the 'System settings' area of the cPanel:
//https://secure.2checkout.com/cpanel/account_settings.php

$now          = gmdate('Y-m-d H:i:s'); //GMT date format)
$algo = "sha256";
$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash = hash_hmac($algo, $string, $key);

try {
    $client = new SoapClient($host . "/soap/6.0/?wsdl", array(
        'location' => $host . "/soap/6.0/",
        "stream_context" => stream_context_create(array(
            'ssl' => array(
                'verify_peer' => false,
                'verify_peer_name' => false
            )
        ))
    ));
    $sessionID = $client->login($merchantCode, $now, $hash, $algo);
    echo("Auth token: {$sessionID}" . PHP_EOL);
}
catch (SoapFault $e) {
    echo "Authentication: " . $e->getMessage() . PHP_EOL;
    exit;
}
```

## Response parameters

<table><thead><tr><th width="128.2000732421875">Parameter</th><th>Type / Description</th></tr></thead><tbody><tr><td><code>sessionID</code></td><td><strong>String</strong><br>Session identifier, the output of the <strong>Login</strong> method. Include <code>sessionID</code> into all your requests. 2Checkout throws an exception if the values are incorrect. The <code>sessionID</code> expires in 10 minutes.</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.2checkout.com/channel-manager-api/channel-manager-api/api-6.0/soap-6.0/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.