Authentification
API requests to Any.Cash are authenticated using API secret key. Any request that isn't signed with your API secret key will return an error. The signature is passed in HTTP header.
Signing a request
Signature generation example
function getQueryString() {
return request.url.split('?')[1] || '';
}
function getBodyString() {
const payload = request.data;
if (typeof payload === 'object') {
if (Object.keys(payload).length) {
return JSON.stringify(payload);
} else {
return '';
}
}
return payload;
}
function generateSignature(
queryString, bodyString, timestamp, userSecretKey, tenantSecretKey) {
const str = queryString + bodyString + String(timestamp);
const signedStr = CryptoJS.HmacSHA512(str, userSecretKey).toString();
return tenantSecretKey
? CryptoJS.HmacSHA512(signedStr, tenantSecretKey).toString()
: signedStr;
}
const queryString = getQueryString();
const bodyString = getBodyString();
const timestamp = Date.now();
const signature = generateSignature(queryString, bodyString, timestamp, userSecretKey, tenantSecretKey);Custom headers of the requests
Header name
Description
Last updated