Authentication
Signature Description
There is a high risk of API requests being tampered with during transmission over the internet. Except for public endpoints (base information, market data), private endpoints must be signed and authenticated with your API Key to verify that parameters or values have not been modified in transit.
Endpoints are marked their corresponding weight value and permission.
Newly created API Key needs to be assigned permissions. Each API Key requires the appropriate permission(s) to access the corresponding endpoint. Please check required permission types before using the endpoints, and make sure your API Key has the appropriate permissions.
Signing
Get current millisecond
timestamp
.Set query parameters as key-value pairs:
key=value
(signature related value must not be URL-encoded).Sort the key-value pairs in ascending ASCII order by key and concatenate with
&
(includetimestamp
).Concatenate above result after
PATH
with?
to generatePATH_URL
.Concatenate
METHOD
andPATH_URL
.Concatenate related entity body of
POST
andDELETE
after step 5. Skip this step if there is no entity body.Use
API Secret
and the above result to generateHMAC SHA256
code, then convert it to hexadecimal.Assign the hex result to
PIONEX-SIGNATURE
, add it toHeader
and send request.
Example:
User's API Secret
and timestamp
are:
The base part of request to query the order list is:
Step 1, get current timestamp
Step 2, set query parameters as key-value pairs: key=value
Step 3, Sort the key-value pairs in ascending ASCII order by key and concatenate with &
Step 4, concatenate above result after PATH
with ?
to generate PATH_URL
.
Step 5, concatenate METHOD
and PATH_URL
.
Step 6, Concatenate related entity body of POST
and DELETE
after step 5. Skip this step if there is no entity body.
Step 7, Use API Secret
and the above result to generate HMAC SHA256
code, then convert it to hexadecimal.
Last updated