Cryptopay API
  • Welcome
  • Guides
    • Introduction
    • Environments
    • Creating a Test Account
    • API Credentials
    • API Basics
      • Responses
      • Date formats
      • Authentication
        • How it works
        • Signature
        • Creating a signature. Code samples
      • Callbacks
    • API Client Libraries
    • API Reference
    • Cryptocurrency Payments
    • Currencies
      • Supported Currencies
      • Currency Icons
    • Confirmations
    • Tools for accepting payments
    • Prebuilt integrations
      • E-commerce payment plugins
      • Payment and software providers
    • Channels
      • Channel payment
      • Payment statuses
      • Channel payment sequence
      • Create a Channel
      • Visual representation at Cashier
      • Channel hosted page
      • Channel payment callbacks
    • Invoices
      • Invoice statuses
      • Invoice payment sequence
      • How to handle unresolved invoices
        • Underpaid
        • Overpaid
        • Paid late
        • Illicit resource
        • Invoice refunds sequence
      • Create an invoice
      • Visual presentation at Cashier
      • Invoice hosted page
      • Online checkout
        • How-to
      • Payment links
      • Invoice callbacks
    • Payouts
      • Payout statuses
      • Payout sequence
      • Payout fees consideration
        • Network fees
      • Create a Coin Withdrawal
        • Possible errors
        • Withdrawals from fiat accounts
        • Withdrawals from cryptocurrency accounts
        • high_risk_address error message
      • Visual representation at Cashier
      • Minimum transaction amount
      • Coin Withdrawal callbacks
      • Travel Rule Compliance
    • Email Billing
      • Create an email billing
      • Email billing callbacks
    • Testing
      • Channels
      • Invoices
      • Payouts
    • Risks
    • Customers
    • Transactions types and Statuses
Powered by GitBook
On this page
  1. Guides
  2. API Basics

Authentication

PreviousDate formatsNextHow it works

Last updated 3 months ago

API authentication is performed using the HMAC request signature sent in the Authorization header. 

curl -X POST \
  https://business-sandbox.cryptopay.me/api/invoices \
  -H 'Authorization: HMAC DjlHuWlApznJ7vrhPBL0fA:N2eEvkJQ07EpFau90pL5xMpBO3g=' \
  -H 'Content-Type: application/json' \
  -H 'Date: Tue, 25 Sep 2018 17:41:40 GMT' \
  -d '{"price_amount":"100","price_currency":"EUR","pay_currency":"BTC"}'

HMAC-SHA1 is an algorithm defined by — Keyed-Hashing for Message Authentication. The algorithm takes as input two byte-strings, a key, and a message.

RFC 2104