Authorization is accomplished through the transmission of two headers:

1. X-Processing-Key - The public key retrieved from the user's account.
2. X-Processing-Signature - The secret key for HMAC-SHA512 is also obtained from the user's account.

See example below in PHP language:

1. $paramsArray = ['key' => 'value'];
2. $requestBody=json_encode($paramsArray);
3. $signature=hash_hmac('sha512',$requestBody,$apiSecret);


In addition, you must use the following format key in the headers for all requests:

1. "Content-Type": "application/json"


You can check the authenticity of your signature against our example to see if it's legitimate.

The following information will be utilised to accomplish this:

1. Secret key: AbCdEfG123456
2. Request body in JSON format:
3. {"currency":"BTC","foreign_id":"123456"}


You should receive the following signature with such information:

03c25fcf7cd35e7d995e402cd5d51edd72d48e1471e865907967809a0c189ba55b90815f20e2bb10f82c7a9e9d865546fda58989c2ae9e8e2ff7bc29195fa1ec