BtcTurk | Kripto API Documentation
  • General Information
  • API Access Permissions
  • Data Center
  • Recent changes
  • Authentication
    • Authentication V1
    • Usage
  • Public Endpoints
    • All Public Endpoints
    • Get Exchange Info
    • Get Tickers
    • Get OrderBook
    • Get Trades
    • Get OHLC Data
    • Get Kline Data
  • Private Endpoints
    • All Private Endpoints
    • Get Account Balance
    • Get User Transactions
    • Get Fiat Transactions
    • Get Crypto Transactions
    • Get Open Orders
    • Get All Orders
    • Get Single Order
    • Submit an Order
    • Cancel an Order
  • Rate Limits
  • Websocket Feed
    • WebSocket Authentication
    • Channel, Event and Model
    • Models
    • TradingView
  • Errors
  • Error Handling For Order Operations
    • Retry Strategy Guideline
  • Pairs Scale (Quantity/Price)
  • FAQ (Frequently Asked Questions)
  • Contact Us
Powered by GitBook
On this page

Was this helpful?

  1. Authentication

Authentication V1

PreviousRecent changesNextUsage

Last updated 2 years ago

Was this helpful?

All API calls related to a user account, require authentication.

You need to provide 3 parameters to authenticate a request:

  • "X-PCK": API Public Key

  • "X-Stamp": Nonce

  • "X-Signature": Signature

For API Key instructions visit

Nonce

Nonce is a regular integer number. It must be current timestamp in milliseconds.

It is a must to sync your current time with API server time which is in miliseconds format. Our servers are using UTC timezone. You can check the server time .

Signature

Signature is a HMAC-SHA256 encoded message. The HMAC-SHA256 code must be generated using a private key that contains a timestamp as nonce and your API key.

Code Example

var apiKey = YOUR_API_PUBLIC_KEY;
var apiSecret = YOUR_API_SECRET;
var nonce = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeMilliSeconds();
string message = apiKey + nonce;
using (HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(apiSecret)))
{
   byte[] signatureBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(message));
   string X_Signature = Convert.ToBase64String(signatureBytes));
}
<?php
$apiKey = YOUR_API_PUBLIC_KEY;
$apiSecret = YOUR_API_SECRET;
$message = $apiKey.(time()*1000);
$signatureBytes = hash_hmac('sha256', $message, base64_decode($apiSecret), true);
$signature = base64_encode($signatureBytes);
$nonce = time()*1000;
$headers = array(
  'X-PCK: '.$apiKey,
  'X-Stamp: '.$nonce,
  'X-Signature: '.$signature,
  'Content-Type: application/json',
);
apiKey = YOUR_API_PUBLIC_KEY
apiSecret = YOUR_API_SECRET
apiSecret = base64.b64decode(apiSecret)
stamp = str(int(time.time())*1000)
data = "{}{}".format(apiKey, stamp).encode('utf-8')
signature = hmac.new(apiSecret, data, hashlib.sha256).digest()
signature = base64.b64encode(signature)

headers= {
  "X-PCK": apiKey,
  "X-Stamp": stamp,
  "X-Signature": signature,
  "Content-Type": "application/json"
}
publicKey := "PUBLIC_KEY_HERE"
privateKey := "PRIVATE_KEY_HERE"

key, error := base64.StdEncoding.DecodeString(privateKey)

if error != nil {
	return error
}

nonce := fmt.Sprint(time.Now().UTC().UnixMilli())
message := publicKey + nonce
hmac := hmac.New(sha256.New, key)
hmac.Write([]byte(message))
signature := base64.StdEncoding.EncodeToString(hmac.Sum(nil))
const API_KEY = "API_KEY_HERE"
const API_SECRET = "API_SECRET_HERE"
    
const stamp = (new Date()).getTime()
const data = Buffer.from(`${API_KEY}${stamp}`, 'utf8')
const buffer = crypto.createHmac('sha256', Buffer.from(API_SECRET, 'base64'))
buffer.update(data)
const digest = buffer.digest()
const signature = Buffer.from(digest.toString('base64'), 'utf8').toString('utf8')

return {
    'Content-type': 'application/json',
    "X-PCK": API_KEY,
    "X-Stamp": stamp.toString(),
    "X-Signature": signature,
}
public_key = 'PUBLIC_KEY_HERE'
private_key = 'PRIVATE_KEY_HERE'

uri = URI.parse('https://api-dev.btcturk.com/api/v1/order')
timestamp = Time.now.to_i*1000
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Post.new(uri)

data = public_key + timestamp.to_s
private_key = Base64.decode64(private_key).strip
digest = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), private_key, data)
sign = Base64.encode64(digest).strip

https://docs.btcturk.com/api-access-permissions
here