Authorisation
To authorise your requests, you need to pass two headers:
X-Processing-Key – the public key that you can find in your account
X-Processing-Signature – the POST body, signed by the secret key HMAC-SHA512. You can find the secret key in your account as well.
For example (in JavaScript):
const paramsArray = { key: 'value' };
const requestBody = JSON.stringify(paramsArray);
const signature = crypto.createHmac('sha512', apiSecret).update(requestBody).digest('hex');
You also need to include this key in the headers for all requests:
"Content-Type": "application/json"
You can compare the validity of the signature that you generate with our example.
Sample request:
Secret key: AbCdEfG123456
Request body in JSON format:
{"currency":"BTC","foreign_id":"123456"}
Sample signature that you'd get in response:
03c25fcf7cd35e7d995e402cd5d51edd72d48e1471e865907967809a0c189ba55b90815f20e2bb10f82c7a9e9d865546fda58989c2ae9e8e2ff7bc29195fa1ec
Last updated
Was this helpful?