⏺️Authentication

When making requests to CoinbarPay's API, include the SERVICE_CLIENT_ID and a SIGNATURE_TOKEN generated by your SERVICE_SECRET_KEY in the header of your HTTP requests to authenticate.

This ensures that only authorized users can access and interact with your CoinbarPay data.

Signature Token

A signature token is a secure way to hash and authenticate requests using a secret key and the serialized body of a request.

By using an HMAC (Hash-based Message Authentication Code), it is possible to create a tamper-proof token that can ensure the API call is made from an authorized source.

Take a look at the following example for Node.js that shows how to create an HMAC signature token:

const crypto = require('crypto');

// Example Request for Payment Request creation
const requestBody = {
  //Request JSON Object or serialized query string...
};

const secretKey = 'your_secret_key';

// Function to create HMAC signature token
function createSignatureToken(requestBody, secretKey) {
  const serializedRequestBody = JSON.stringify(requestBody);

  const signatureToken = crypto
    .createHmac('sha256', secretKey)
    .update(serializedRequestBody)
    .digest('hex');

  return signatureToken;
}

//SIGNATURE_TOKEN to use as HTTP Header
const SIGNATURE_TOKEN = createSignatureToken(requestBody, secretKey);

Warning

When calling the CoinbarPay API, be sure to include the generated SIGNATURE_TOKEN and SERVICE_CLIENT_ID in the request headers, so the system can validate the authenticity and integrity of the request.

PreviousAPI DocumentationNextRequest New Payment (web page)

Last updated