Authentication

API authentication is performed using the HMAC request signature sent in the API call header.

curl -X POST \
https://business-sandbox.cryptopay.me/api/invoices \
-H 'Authorization: HMAC DjlHuWlApznJ7vrhPBL0fA:N2eEvkJQ07EpFau90pL5xMpBO3g=' \
-H 'Content-Type: application/json' \
-H 'Date: Tue, 25 Sep 2018 17:41:40 GMT' \
-d '{"price_amount":"100","price_currency":"EUR","pay_currency":"BTC"}'

HMAC-SHA1 is an algorithm defined by RFC 2104 — Keyed-Hashing for Message Authentication. The algorithm takes as input two byte-strings, a key and a message.