RunSignUp Protected API

Protected API

Some API calls require a protected_api_signature parameters in the URL. These are protected APIs. To access these APIs, please contact us at to get and ID and signing secret.


These are used to generate the protected_api_signature in API requests. The signature should have the format <ID>.<UNIX Timestamp>.<Nonce>.<HMAC Hash>. The <UNIX Timestamp>portion must be within 5 minutes of the current time on the RunSignUp servers. The <Nonce> portion must be 8 random alphanumeric characters that are unique within a 15 minute interval. The <HMAC Hash> portion is the SHA1 hash (in hex) using the HMAC method of the string before this value (including the period just before). In PHP, this would be:

$id = …;
$secret = '…';
$nonce = …;
$sig = $id . '.' . time() . '.' . $nonce . '.';
$sig = $sig . hash_hmac('sha1', $sig, $secret);
echo $sig;

Signature Generator (For Testing Only)

From Our Blog:
Feb 21st, 2018
Bring Back My Fundraising Team

We have made it simple for fundraisers to “bring back their team” – sending them invites once your team fundraising page is complete. Set this up in your Fundraising Settings (Dashboard—>Donation—>Setup) and click on “Enable Bring Back my Team”) Once this feature is enabled (just by checking that box), a captain can bring back their... Continue Reading →

Feb 21st, 2018
Technology Webinar: RunSignUp and eventbaxx, specialist in digital goodie bags

Our first webinar of 2018 is coming up next week, in collaboration with technology partner eventbaxx. Date: Wednesday, February 28, 2018 Time: 12:00pm ET (11:00am PT) Join us for a webinar with one of our new technology partners, eventbaxx. Highlights include: Importance and advantages of digitizing race events Live demonstration of the solution eventbaxx and... Continue Reading →