Authentication

API authentication is performed using the HMAC request signature sent in the HMAC header and api key in Authorization header.

The example below is created to reference "123456" for api_secret.

curl -X POST \
  https://kriptopay.com/api/merchant/invoices \
  -H 'Authorization: Token 8406c24e1bb3994a0fd6f3e7e7b2d63c5f0feb85194c07f88e4ffa95a5cb4e07' \
  -H 'HMAC: 80d66573c15adda3663485408a9ab445bfc1fc7e089bff7828dfbd7ebe626f728c32fb0a5233c48cfa1e13f046612518a9897d36b381d56dce430199ecb97f9f' \
  -H 'Content-Type: application/json' \
  -d '{"merchant_id":"le7o1Lckqq"}'

HMAC-SHA1 is an algorithm defined by RFC 2104 — Keyed-Hashing for Message Authentication. The algorithm takes as input two byte-strings, a key and a message.

PreviousDate formats NextHow it works

Last updated 1 year ago