CSOD

app.js

var http = require('http');
var request = require('request');
var moment = require("moment");
var crypto = require('crypto');

var apiToken = 'MY-TOKEN';
var apiSecret = 'MY-SECRET';

var generateSession = function(userName, sessionName) {
  var relativeUrl = "/services/api/sts/GenerateSession/"+userName+"/"+sessionName;
  var url = "https://icappirio.csod.com" + relativeUrl;
  var utc = moment.utc().format('YYYY-MM-DDTHH:mm:ss.000');
  var signature = getApiSignature(relativeUrl, apiToken, apiSecret, "GET", utc);

  console.log(signature);

  var options = {
      url: url,
      headers: {
          'x-csod-date': utc,
          'x-csod-api-key': apiToken,
          'x-csod-signature': signature
      }
  };

  request(options, function(error, response, body) {

    console.log(response.statusCode); // returning 401
    console.log(error); // return null
    console.log(body); // XML with message: CSOD Unauthorized Exception:Check your credentials.

    return {
      token: "token-from-response",
      secret: "secret-from-response"
    };

  });
}

var getApiSignature = function(url, apiToken, apiSecret, httpVerb, utc) {
  var stringToSign = httpVerb + "\n" + "x-csod-api-key:" + apiToken + "\n" + "x-csod-date:" + utc + "\n" + url;
  return getSignature(apiSecret, stringToSign);
}

var getSignature = function(secretString, stringToSign) {
  var signed = crypto.createHmac('sha512', secretString).update(stringToSign).digest('hex');
  return new Buffer(signed).toString('base64')
}

var requestListener = function (req, res) {

  var userName = "jdouglas";
  var sessionName = userName + moment().unix();
  var session = generateSession(userName, sessionName);

  res.writeHead(200);
  res.end("done");
}

var server = http.createServer(requestListener); server.listen(3000);

Hi there, have you figure why is returning CSOD Unauthorized Exception:Check your credentials?

Are you running this from a server? If you are calling this from the client only, you are likely to get the Unauthorized Exception.