Authentication V1

All API calls related to a user account, require authentication.

You need to provide 3 parameters to authenticate a request:

  • "X-PCK": API Public Key

  • "X-Stamp": Nonce

  • "X-Signature": Signature


Nonce is a regular integer number. It must be current timestamp in milliseconds.

It is a must to sync your current time with API server time which is in miliseconds format. Our servers are using UTC timezone. You can check the server time here.


Signature is a HMAC-SHA256 encoded message. The HMAC-SHA256 code must be generated using a private key that contains a timestamp as nonce and your API key.

Code Example

var apiSecret = YOUR_API_SECRET;
var nonce = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeMilliSeconds();
string message = apiKey + nonce;
using (HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(apiSecret)))
   byte[] signatureBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(message));
   string X_Signature = Convert.ToBase64String(signatureBytes));

Last updated