Im building one REST api with php slim feamework.
Planning to implement the HMAC security with public and private hash method like in this link:
http://websec.io/2013/02/14/API-Authentication-Public-Private-Hashes.html
But for the client side, we are not using curl, instead it is JQuery to invoke the api.
But how can we generate the hash securly with the private key + data combination? Since js is clientside, we cant declare a variable to store the private key.
Please help.