Where APIKey can be retrieved from us (if you don't have an API key yet, please contact us at support@satang.com). And the signature can be created using the procedure as in the Signing section.
Signing
1. Concatenate all request parameters into one string
Concatenate all request parameters as a string (this is only from body parameters for POST/DELETE requests, for GET requests, use empty string to sign in the next step) in the format of key1=value1&key2=value2&... where all keys are alphabetical-sorted, for examples:
An APISecret can be retrieved from us (if you don't have an API secret yet, please contact us at support@satang.com). Use the APISecret to sign the above string with SHA512 HMAC algorithm, for examples the following string:
And the APISecret as fc8fa6ef2a9e4949bdf72d38208803657659ff67f2a74486a04a64b0bf1f2e6fwould have the correct signature as:
Sending request
After creating the signature in the Signing section, we can now send the request with the complete request headers, for example using the above request parameters and signature:
Assuming the APIKey is live-2a6c1bd5eb0b4321aaaf26721e997e9f.
Security Concerns
As APISecret is so important for request signing. Please keep it only in the server where only authorized staffs can get access and never keep it in the client such as web browser.
Example Signing Code in Javascript
Signing request param with encrypt(apiSecret, str) function
const crypto = require("crypto")
let api_secret = '...'
let encrypt = (apiSecret, str) => {
let hmac = crypto.createHmac("sha512", apiSecret);
let signed = hmac.update(str).digest('hex');
return signed;
}
let request_header = 'amount='+String(order.amount)+'&nonce='+String(order.nonce)+'&pair='+String(order.pair)+'&price='+String(order.price)+'&side='+String(order.side)+'&type='+String(order.type)
let signed = encrypt(api_secret, request_header)
