API Authentication

Authentication is based on two headers:

X-Munzen-Key: your_api_key
X-Munzen-Signature: request_signature

X-Munzen-Key is your API key (public key) which you can get in your account dashboard.
X-Munzen-Signature — is a signature generated from the request body and signed by your secret API key HMAC-SHA256.

Keep in mind that it is mandatory to add a timestamp with every request. You can see a few examples below.

Code Examples

Here are a few examples with signature generation code:

// This is your API secret key
$apiSecret = 'PUT_YOUR_API_SECRET_HERE';

// How we will send our request
$requestMethod = 'POST';

// Request params
// timestamp — request UTC time in Unix Timestamp; 
$paramsArray = ['key1' => 'value1', 'key2' => 'value2', 'timestamp' => 1677237754];

// Sort recursive by keys
ksortRecursive($paramsArray);

// Concat request string recursive
$requestBody = implodeRecursive($paramsArray);

// Generate the string to sign
$stringToSign = $requestMethod . $requestBody;

// Recieve the hash
$signature = hash_hmac('sha256', $stringToSign, $apiSecret);


// Helper functions
function ksortRecursive(mixed &$array): void
{
    if (!is_array($array)) {
        return;
    }
    
    ksort($array);
    
    foreach ($array as $k => $v) {
        ksortRecursive($array[$k]);
    }
}

function implodeRecursive(mixed $array): string
{
    $output = '';
    foreach ($array as $item) {
        if (is_array($item)) {
            $output .= implodeRecursive($item);
        } else {
            $output .= $item;
        }
    }
    return $output;
}

// Do not forget to import CryptoJS library for HMAC-SHA256 hashing

// This is your API secret key
const apiSecret = 'PUT_YOUR_API_SECRET_HERE';

// How we will send our request
const requestMethod = 'POST';

// Request params
// timestamp — request UTC time in Unix Timestamp; 
const paramsObject = { key1: 'value1', key2: 'value2', timestamp: 1677237754 };

// Sort recursive by keys
function ksortRecursive(obj) {
  if (typeof obj !== 'object') {
    return;
  }
  
  const sortedKeys = Object.keys(obj).sort();
  const sortedObject = {};
  
  sortedKeys.forEach((key) => {
    sortedObject[key] = obj[key];
    ksortRecursive(sortedObject[key]);
  });
  
  Object.keys(obj).forEach((key) => {
    delete obj[key];
  });
  
  Object.assign(obj, sortedObject);
}

ksortRecursive(paramsObject);

// Concat request string recursive
function implodeRecursive(obj) {
  let output = '';
  
  for (const key in obj) {
    const item = obj[key];
    
    if (typeof item === 'object') {
      output += implodeRecursive(item);
    } else {
      output += item;
    }
  }
  
  return output;
}

const requestBody = implodeRecursive(paramsObject);

// Generate the string to sign
const stringToSign = requestMethod + requestBody;

// Receive the hash
const signature = CryptoJS.HmacSHA256(stringToSign, apiSecret).toString();

import hashlib
import hmac

# This is your API secret key
api_secret = 'PUT_YOUR_API_SECRET_HERE'

# How we will send our request
request_method = 'POST'

# Request params
# timestamp — request UTC time in Unix Timestamp;
params_dict = {'key1': 'value1', 'key2': 'value2', 'timestamp': 1677237754}

# Sort recursive by keys
def ksort_recursive(dictionary):
    return {k: ksort_recursive(v) if isinstance(v, dict) else v for k, v in sorted(dictionary.items())}

params_dict = ksort_recursive(params_dict)

# Concatenate request string recursively
def implode_recursive(dictionary):
    return ''.join(implode_recursive(v) if isinstance(v, dict) else str(v) for v in dictionary.values())

request_body = implode_recursive(params_dict)

# Generate the string to sign
string_to_sign = request_method + request_body

# Calculate the HMAC-SHA256 signature
signature = hmac.new(api_secret.encode(), string_to_sign.encode(), hashlib.sha256).hexdigest()

# Print the signature
print(signature)

PreviousAPI Requests NextEnvironments

Last updated 2 years ago

// This is your API secret key $apiSecret = 'PUT_YOUR_API_SECRET_HERE'; // How we will send our request $requestMethod = 'POST'; // Request params // timestamp — request UTC time in Unix Timestamp; $paramsArray = ['key1' => 'value1', 'key2' => 'value2', 'timestamp' => 1677237754]; // Sort recursive by keys ksortRecursive($paramsArray); // Concat request string recursive $requestBody = implodeRecursive($paramsArray); // Generate the string to sign $stringToSign = $requestMethod . $requestBody; // Recieve the hash $signature = hash_hmac('sha256', $stringToSign, $apiSecret); // Helper functions function ksortRecursive(mixed &$array): void { if (!is_array($array)) { return; } ksort($array); foreach ($array as $k => $v) { ksortRecursive($array[$k]); } } function implodeRecursive(mixed $array): string { $output = ''; foreach ($array as $item) { if (is_array($item)) { $output .= implodeRecursive($item); } else { $output .= $item; } } return $output; }

// Do not forget to import CryptoJS library for HMAC-SHA256 hashing // This is your API secret key const apiSecret = 'PUT_YOUR_API_SECRET_HERE'; // How we will send our request const requestMethod = 'POST'; // Request params // timestamp — request UTC time in Unix Timestamp; const paramsObject = { key1: 'value1', key2: 'value2', timestamp: 1677237754 }; // Sort recursive by keys function ksortRecursive(obj) { if (typeof obj !== 'object') { return; } const sortedKeys = Object.keys(obj).sort(); const sortedObject = {}; sortedKeys.forEach((key) => { sortedObject[key] = obj[key]; ksortRecursive(sortedObject[key]); }); Object.keys(obj).forEach((key) => { delete obj[key]; }); Object.assign(obj, sortedObject); } ksortRecursive(paramsObject); // Concat request string recursive function implodeRecursive(obj) { let output = ''; for (const key in obj) { const item = obj[key]; if (typeof item === 'object') { output += implodeRecursive(item); } else { output += item; } } return output; } const requestBody = implodeRecursive(paramsObject); // Generate the string to sign const stringToSign = requestMethod + requestBody; // Receive the hash const signature = CryptoJS.HmacSHA256(stringToSign, apiSecret).toString();

import hashlib import hmac # This is your API secret key api_secret = 'PUT_YOUR_API_SECRET_HERE' # How we will send our request request_method = 'POST' # Request params # timestamp — request UTC time in Unix Timestamp; params_dict = {'key1': 'value1', 'key2': 'value2', 'timestamp': 1677237754} # Sort recursive by keys def ksort_recursive(dictionary): return {k: ksort_recursive(v) if isinstance(v, dict) else v for k, v in sorted(dictionary.items())} params_dict = ksort_recursive(params_dict) # Concatenate request string recursively def implode_recursive(dictionary): return ''.join(implode_recursive(v) if isinstance(v, dict) else str(v) for v in dictionary.values()) request_body = implode_recursive(params_dict) # Generate the string to sign string_to_sign = request_method + request_body # Calculate the HMAC-SHA256 signature signature = hmac.new(api_secret.encode(), string_to_sign.encode(), hashlib.sha256).hexdigest() # Print the signature print(signature)