Authorization is accomplished through the transmission of two headers:

1. X-Processing-Key - The public key retrieved from the user's account.
2. X-Processing-Signature - The secret key for HMAC-SHA512 is also obtained from the user's account.

See example below in PHP language:

1. $paramsArray = ['key' => 'value'];
2. $requestBody=json_encode($paramsArray);
3. $signature=hash_hmac('sha512',$requestBody,$apiSecret);

In addition, you must use the following format key in the headers for all requests:

1. "Content-Type": "application/json"

You can check the authenticity of your signature against our example to see if it's legitimate.

The following information will be utilised to accomplish this:

1. Secret key: AbCdEfG123456
2. Request body in JSON format:
3. {"currency":"BTC","foreign_id":"123456"}

You should receive the following signature with such information: