# Authenticate Request {% hint style="info" %} **Note:** Add apiKey, signature and payload in every request header. {% endhint %} ### Sample header to add API key, Signature and Payload ```javascript const headers = { 'apikey': apiKey, 'payload': payload, 'signature': signature, }; ``` ### Generate Payload and Signature ```javascript const CryptoJS = require('crypto-js'); async function generatePayloadAndSignature(secret, body) { const timestamp = Date.now().toString(); const obj = { body, timestamp }; const payload = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(JSON.stringify(obj))); const signature = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA512(payload, secret)); return { payload, signature }; } ``` ### Postman Pre request Script ```javascript const apiKey = "" const secret = "" let body; if(pm.request.body.urlencoded){ body = pm.request.body.urlencoded.reduce((data, param) => { data[param.key] = param.value; return data; }, {}); } else if(pm.request.body.formdata){ body = pm.request.body.formdata.reduce((data, param) => { data[param.key] = param.value; return data; }, {}); } else{ body = {} } const timestamp = Date.now().toString() const obj = { body, timestamp } let payload = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(JSON.stringify(obj))); let signature = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA512(payload, secret)); pm.request.headers.add({ key: "apiKey", value: apiKey }); pm.request.headers.add({ key: "payload", value: payload }); pm.request.headers.add({ key: "signature", value: signature }); ``` #### AUTHENTICATION ERROR CODE | Error Codes | Error Message | | ----------- | ----------------------------- | | 429 | Too many requests! | | 500 | Internal server error. | | 401 | Invalid Signature | | 401 | Missing necessary header data | | 401 | Invalid api key | | 401 | Missing timestamp in payload | | 401 | Missing body in payload | | 401 | Timestamp expired | | 401 | Ahead of time | | 401 | Body and Payload mismatch |