CoinbarPay Official Docs
  • Introduction
    • πŸ”΅Coinbar Pay
    • πŸ”΅Key Features
    • πŸ”΅Target Audience
    • πŸ”΅Security and Compliance
  • Getting Started
    • πŸ”΅Summary
  • Service Activation
    • πŸ”΅Create Account
    • πŸ”΅Account Verification
    • πŸ”΅Activate Service
  • Point of Sale
    • πŸ”΅App Installation
    • πŸ”΅App Activation
    • πŸ”΅User Interface
    • πŸ”΅Accepting Payments
    • πŸ”΅Transactions & Reports
  • E-Commerce Plugins
    • πŸ”΅Introduction
    • πŸ”΅Downloads - Plugin
      • ⏺️Wordpress/WooCommerce
      • ⏺️Magento
      • ⏺️Request New
    • πŸ”΅Setup and Configuration
    • πŸ”΅Try your service
  • API Web Integration
    • πŸ”΅Introduction
    • πŸ”΅Service Configuration
    • πŸ”΅API Keys Management
    • πŸ”΅Payment Flow
    • πŸ”΅Payment Statuses
    • πŸ”΅API Documentation
      • ⏺️Authentication
      • ⏺️Request New Payment (web page)
      • ⏺️Payment Gateway
      • ⏺️Get Conversion Quotes (server-to-server)
      • ⏺️Execute Payment External Platform (server-to-server)
      • ⏺️Get Payment Status (server-to-server)
      • ⏺️Reports
    • πŸ”΅Sandbox Enviroment
  • Dashboard Platform
    • πŸ”΅Overview
    • πŸ”΅Manage...
      • ⏺️Payments
      • ⏺️Settlements
    • πŸ”΅Refunds & Assistance
    • πŸ”΅Reports & Exports
Powered by GitBook
On this page
  1. API Web Integration
  2. API Documentation

Authentication

When making requests to CoinbarPay's API, include the SERVICE_CLIENT_ID and a SIGNATURE_TOKEN generated by your SERVICE_SECRET_KEY in the header of your HTTP requests to authenticate.

This ensures that only authorized users can access and interact with your CoinbarPay data.

Signature Token

A signature token is a secure way to hash and authenticate requests using a secret key and the serialized body of a request.

By using an HMAC (Hash-based Message Authentication Code), it is possible to create a tamper-proof token that can ensure the API call is made from an authorized source.

Take a look at the following example for Node.js that shows how to create an HMAC signature token:

const crypto = require('crypto');

// Example Request for Payment Request creation
const requestBody = {
  //Request JSON Object or serialized query string...
};

const secretKey = 'your_secret_key';

// Function to create HMAC signature token
function createSignatureToken(requestBody, secretKey) {
  const serializedRequestBody = JSON.stringify(requestBody);

  const signatureToken = crypto
    .createHmac('sha256', secretKey)
    .update(serializedRequestBody)
    .digest('hex');

  return signatureToken;
}

//SIGNATURE_TOKEN to use as HTTP Header
const SIGNATURE_TOKEN = createSignatureToken(requestBody, secretKey);

Warning

When calling the CoinbarPay API, be sure to include the generated SIGNATURE_TOKEN and SERVICE_CLIENT_ID in the request headers, so the system can validate the authenticity and integrity of the request.

const axios = require("axios");

const SERVICE_CLIENT_ID = "your_SERVICE_AUTH_KEY_here";

const requestBody = {
  //Payment JSON Object...
};
const signature_token = createSignatureToken(requestBody, secretKey);

axios.post("https://{{SANDBOX_ENV.BASE_URL}}/{{SANDBOX_ENV.PATH_PAYMENT_EXAMPLE}}", 
  requestBody,
  {
    headers: {
      "CBPAY-API-KEY": `${SERVICE_CLIENT_ID}`
      "SIGNATURE" : `${signature_token}`
  },
})
.then(response => {
  console.log(response.data);
})
.catch(error => {
  console.error(error);
});

PreviousAPI DocumentationNextRequest New Payment (web page)

Last updated 2 years ago

πŸ”΅
⏺️