Special API Request Signatures
Algorithm
Initialize
signatureBase
to an empty string.Append the API's HTTP method to
signatureBase
.Append
'&'
tosignatureBase
.Append percent-encoded full URL path (without
?
or any query parameters) tosignatureBase
.Append
'&'
tosignatureBase
.Initialize
parameterString
to an empty string.For GET / DELETE requests:
Sort query parameters in ascending order lexicographically;
Append percent-encoded key name to
parameterString
;Append an
'='
toparameterString
;Append percent-encoded value to
parameterString
;Append a
'&'
if there are more key value pairs.
For POST / PUT requests:
Append request body as a string to
parameterString
.
Append percent-encoded
parameterString
tosignatureBase
Calculate the SHA-256 hash of
signatureBase
ashash
.Sign
hash
with the private EdDSA key and getRx
,Ry
, andS
.Concatenate
Rx
,Ry
, andS
using','
as:${Rx},${Ry},${S}
.
HTTP Method and URL
Please make sure you use only the following HTTP methods, in upper case letters.
GET
POST
PUT
DELETE
Also make sure the HTTPS header is included and is in lower case. For example:
Example
Actually, so far only 2 API need this special EDDSA API signing -- updateApiKey & cancel order, let's see how the signatureBase is constructed.
Update user API key
For the above url with the following url query parameters:
or
accountId
10005
parameterString
shoule be:
and signatureBase
should be:
Cancel Order
For the above url with the following url query parameters:
or
accountId
10005
clientOrderId
Sample
parameterString
should be:
and signatureBase
should be:
Last updated