Authentication V1
All API calls related to a user account, require authentication.
You need to provide 3 parameters to authenticate a request:
  • "X-PCK": API Public Key
  • "X-Stamp": Nonce
  • "X-Signature": Signature

API Public key

You can create the API key from the Account > API Access page in your exchange account.

Nonce

Nonce is a regular integer number. It must be current timestamp in milliseconds.
It is a must to sync your current time with API server time which is in miliseconds format. Our servers are using UTC timezone. You can check the server time here.

Signature

Signature is a HMAC-SHA256 encoded message. The HMAC-SHA256 code must be generated using a private key that contains a timestamp as nonce and your API key.

C# Code Example

1
var apiKey = YOUR_API_PUBLIC_KEY;
2
var apiSecret = YOUR_API_SECRET;
3
var nonce = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeMilliSeconds();
4
string message = apiKey + nonce;
5
using (HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(apiSecret)))
6
{
7
byte[] signatureBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(message));
8
string X_Signature = Convert.ToBase64String(signatureBytes));
9
}
Copied!

Python Code Example

1
apiKey = YOUR_API_PUBLIC_KEY
2
apiSecret = YOUR_API_SECRET
3
apiSecret = base64.b64decode(apiSecret)
4
stamp = str(int(time.time())*1000)
5
data = "{}{}".format(apiKey, stamp).encode('utf-8')
6
signature = hmac.new(apiSecret, data, hashlib.sha256).digest()
7
signature = base64.b64encode(signature)
8
9
headers= {
10
"X-PCK": apiKey,
11
"X-Stamp": str(nonce),
12
"X-Signature": str(base64.b64encode(signature).decode('utf-8')),
13
"Content-Type: application/json"
14
}
Copied!

PHP Code Example

1
<?php
2
$apiKey = YOUR_API_PUBLIC_KEY;
3
$apiSecret = YOUR_API_SECRET;
4
$message = $apiKey.(time()*1000);
5
$signatureBytes = hash_hmac('sha256', $message, base64_decode($apiSecret), true);
6
$signature = base64_encode($signatureBytes);
7
$nonce = time()*1000;
8
$headers = array(
9
'X-PCK: '.$apiKey,
10
'X-Stamp: '.$nonce,
11
'X-Signature: '.$signature,
12
'Content-Type: application/json',
13
);
Copied!
Last modified 5mo ago