Authentication V1
All API calls related to a user account, require authentication.
You need to provide 3 parameters to authenticate a request:
"X-PCK": API Public Key
"X-Stamp": Nonce
"X-Signature": Signature
You can create the API key from the Account > API Access page in your exchange account.
Nonce is a regular integer number. It must be current timestamp in milliseconds.
It is a must to sync your current time with API server time which is in miliseconds format. Our servers are using UTC timezone. You can check the server time here.
Signature is a HMAC-SHA256 encoded message. The HMAC-SHA256 code must be generated using a private key that contains a timestamp as nonce and your API key.
var apiKey = YOUR_API_PUBLIC_KEY;var apiSecret = YOUR_API_SECRET;var nonce = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeMilliSeconds();string message = apiKey + nonce;using (HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(apiSecret))){byte[] signatureBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(message));string X_Signature = Convert.ToBase64String(signatureBytes));}
apiKey = YOUR_API_PUBLIC_KEYapiSecret = YOUR_API_SECRETapiSecret = base64.b64decode(apiSecret)stamp = str(int(time.time())*1000)data = "{}{}".format(apiKey, stamp).encode('utf-8')signature = hmac.new(apiSecret, data, hashlib.sha256).digest()signature = base64.b64encode(signature)headers= {"X-PCK": apiKey,"X-Stamp": str(nonce),"X-Signature": str(base64.b64encode(signature).decode('utf-8')),"Content-Type: application/json"}
<?php$apiKey = YOUR_API_PUBLIC_KEY;$apiSecret = YOUR_API_SECRET;$message = $apiKey.(time()*1000);$signatureBytes = hash_hmac('sha256', $message, base64_decode($apiSecret), true);$signature = base64_encode($signatureBytes);$nonce = time()*1000;$headers = array('X-PCK: '.$apiKey,'X-Stamp: '.$nonce,'X-Signature: '.$signature,'Content-Type: application/json',);