search

Authenticate Request

Every request is authenticated via verifying signature, payload and apiKey.

circle-info

Note: Add apiKey, signature and payload in every request header.

hashtag
Sample header to add API key, Signature and Payload

const headers = {
      'apikey': apiKey,
      'payload': payload,
      'signature': signature,
    };

hashtag
Generate Payload and Signature

const CryptoJS = require('crypto-js');

async function generatePayloadAndSignature(secret, body) {
  const timestamp = Date.now().toString();
  const obj = {
    body,
    timestamp
  };
  const payload = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(JSON.stringify(obj)));
  const signature = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA512(payload, secret));
  return { payload, signature };
}

hashtag
Postman Pre request Script

hashtag
AUTHENTICATION ERROR CODE

Error Codes
Error Message

429

Too many requests!

500

Internal server error.

401

Invalid Signature

401

Missing necessary header data

401

Invalid api key

401

Missing timestamp in payload

401

Missing body in payload

401

Timestamp expired

401

Ahead of time

401

Body and Payload mismatch

NextSandbox Environment