Authentication

Authentication requires 2 parameters: API Token ID and API Secret. These parameters can be obtained from API Setting page. We use JSON Web Token open standard for Authentication. First you need to build an auth payload.

Auth Payload Parameters

Parameters

Description

path

the request path e.g. /orders?product_id=1

nonce

a strictly increasing number, uniquely created for each request. We recommend using a millisecond timestamp at the time of making request e.g. 1459142524488

token_id

Token ID

After constructing the auth payload, you need to sign it with your secret using HMAC-SHA256 (HS256). JWT.encode(auth_payload, user_secret, 'HS256') You can choose to manually sign by following JWT specs. But we highly recommend using a JWT library, which is available in a wide range of programming languages.

Request Header

Parameters

Description

X-Quoine-Auth

Signature obtained from signing the Auth Payload

require 'uri'
require 'net/http'
require 'time'
require 'jwt'

uri = URI.parse("https://api.liquid.com")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true

token_id = 'YOUR_API_TOKEN_ID'
user_secret = 'YOUR_API_SECRET'
path = '/orders?product_id=1'

auth_payload = {
  path: path,
  nonce: DateTime.now.strftime('%Q'),
  token_id: token_id
}

signature = JWT.encode(auth_payload, user_secret, 'HS256')

request = Net::HTTP::Get.new(path)
request.add_field('X-Quoine-API-Version', '2')
request.add_field('X-Quoine-Auth', signature)
request.add_field('Content-Type', 'application/json')

response = http.request(request)

Last updated