Authorization is done via sending two headers:

  1. X-Processing-Key – The public key, that can be obtained from user's account

  2. X-Processing-Signature – POST body, signed by the secret key HMAC-SHA512, secret key is also obtained from user's account

See example below in PHP language

$paramsArray = ['key' => 'value'];
$requestBody = json_encode($paramsArray);
$signature   = hash_hmac('sha512', $requestBody, $apiSecret);

Also, for all requests you need to use the next format key in the headers:

"Content-Type": "application/json"

You can compare the validity of the signature that you generate with our example.

To do this the following data will be used:

Secret key: AbCdEfG123456
Request body in JSON format:

With such data you should receive the following signature:


Last updated