The Pay on Rails API uses API keys to authenticate requests. If you do not include your key when making an API request, or use one that is incorrect or outdated, Pay on Rails returns an error.
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
Obtaining your API keys
Preconditions: You must have enabled the Two Factor Authentication (2FA) on https://api-stage.letsbit.io/logged/security
Example using httpie:
- Login into your account.
- Create your API key
This API key is generated only once and can be used forever.
- Securely save your API Key and Secret.
How to use API key?
On pay on Rails requests is necessary to include the next 3→ API key (from previous step).
→ A nonce is an arbitrary number that can be used just once. In our environment you MUST use a millisecond timestamp in UTC time.
Read more about it here→ HMAC-SHA256 signature
calculated using concatenation of and
Example of generating X-Auth-Signature:
Example of using request with headers: