Authentication
Authentication requires 2 parameters: API Token ID and API Secret. These parameters can be obtained from API Setting page. We use JSON Web Token open standard for Authentication. First you need to build an auth payload.
Auth Payload Parameters
Parameters | Description |
path | the request path e.g. /orders?product_id=1 |
nonce | a strictly increasing number, uniquely created for each request. We recommend using a millisecond timestamp at the time of making request e.g. |
token_id | Token ID |
After constructing the auth payload, you need to sign it with your secret using HMAC-SHA256 (HS256).
JWT.encode(auth_payload, user_secret, 'HS256')
You can choose to manually sign by following JWT specs. But we highly recommend using a JWT library, which is available in a wide range of programming languages.
Request Header
Parameters | Description |
X-Quoine-Auth | Signature obtained from signing the Auth Payload |
Last updated