Search
K

Signature Operation

For example:

https://api.aboard.exchange/bsc/api/v1/order/orders?
orderId=1234567890&clientId=7623910&beginTime=1634437275876
Header:
ABOARD-API-KEY: e2xxxxxx-99xxxxxx-84xxxxxx-7xxxx
ABOARD-TIMESTAMP:1637115675000
ABOARD-SIGNATURE:4F65x5A2bLyMWVQj3Aqp+B4w+ivaA7n5Oi2SuYtCJ9o=
The signature may be different if the request text is different, therefore the request should be normalized before signing. The following signature steps will take the order query on the above side as an example.

Signature Method:

1. The request Method (GET or POST, WebSocket use GET), append line break "\n"
GET\n
2. The host with lower case, append line break "\n"
api.aboard.exchange\n
3. The path(WebSocket is fixed to /users/self/verify), append line break "\n". (Take the path from /api, such as /bsc/api/v1/order/orders, which is actually /api/v1/order/orders)
/api/v1/order/orders\n
4. Timestamp, append line break "\n"
1637115675000\n
5. API Access Key, append line break "\n" if parameters are not empty.
Notice, "data" in Post method is not parameter.
e2xxxxxx-99xxxxxx-84xxxxxx-7xxxx\n
6. The parameters are URL encoded, and ordered based on ASCII(Use UTF-8 encoding and URL encoded, the hex must be upper case. For example, The semicolon ':' should be encoded as '%3A', The space should be encoded as '%20'). For example below is the original parameters:
orderId=1234567890
clientId=7623910
beginTime=1634437275876
Then above parameter should be ordered like below:
beginTime=1634437275876
clientId=7623910
orderId=1234567890
Use char "&" to concatenate all parameters.
beginTime=1634437275876&clientId=7623910&orderId=1234567890
7. Assemble the pre-signed text:
GET\napi.aboard.exchange\n/api/v1/order/orders\n1637115675000\ne2xxxxxx-99xxxxxx-84xxxxxx-7xxxx\nbeginTime=1634437275876&clientId=7623910&orderId=1234567890
8. Calculate the signature and pass the following two parameters into the encrypted hash function(HmacSHA256):
pre-signed text
GET\napi.aboard.exchange\n/api/v1/order/orders\n1637115675000\ne2xxxxxx-99xxxxxx-84xxxxxx-7xxxx\nbeginTime=1634437275876&clientId=7623910&orderId=1234567890
your Secret Key
b0xxxxxx-c6xxxxxx-94xxxxxx-dxxxx
Encode the hash code with base-64 to generate the signature
4F65x5A2bLyMWVQj3Aqp+B4w+ivaA7n5Oi2SuYtCJ9o=
9. Put the signature into request header 'ABOARD-SIGNATURE'.
Previous
WebSocket Private Information Streams
Next - For developer
GitHub
Last modified 1yr ago