Authentication
Signature Description
There is a high risk of API requests being tampered with during transmission over the internet. Except for public endpoints (base information, market data), private endpoints must be signed and authenticated with your API Key to verify that parameters or values have not been modified in transit.
Endpoints are marked their corresponding weight value and permission.
Newly created API Key needs to be assigned permissions. Each API Key requires the appropriate permission(s) to access the corresponding endpoint. Please check required permission types before using the endpoints, and make sure your API Key has the appropriate permissions.
Signing
Get current millisecond
timestamp.Set query parameters as key-value pairs:
key=value(signature related value must not be URL-encoded).Sort the key-value pairs in ascending ASCII order by key and concatenate with
&(includetimestamp).Concatenate above result after
PATHwith?to generatePATH_URL.Concatenate
METHODandPATH_URL.Concatenate related entity body of
POSTandDELETEafter step 5. Skip this step if there is no entity body.Use
API Secretand the above result to generateHMAC SHA256code, then convert it to hexadecimal.Assign the hex result to
PIONEX-SIGNATURE, add it toHeaderand send request.
Example:
User's API Secret and timestamp are:
The base part of request to query the order list is:
Step 1, get current timestamp
Step 2, set query parameters as key-value pairs: key=value
Step 3, Sort the key-value pairs in ascending ASCII order by key and concatenate with &
Step 4, concatenate above result after PATH with ? to generate PATH_URL.
Step 5, concatenate METHOD and PATH_URL.
Step 6, Concatenate related entity body of POST and DELETE after step 5. Skip this step if there is no entity body.
Step 7, Use API Secret and the above result to generate HMAC SHA256 code, then convert it to hexadecimal.
Last updated