Authentication

To be able to generate sign in requests and transaction requests your dApp must use the API keys provided in CKBull Developer Console after registering it.

You will need:

• API Key.

• API Secret.

CKBull Signer API uses the HMAC-SHA512 algorithm to validate the dApp in every call to generate sign in and transaction requests. The following HTTP headers need to be passed to authenticate the dApp:

• x-timestamp: A timestamp generated when making the call.

• x-api-key: The dApp API key provided in CKBull Developer Console.

• x-signature: The signature hash obtained using the timestamp and your dApp API secret.

Here you can find the code to generate the required headers.

const crypto = require('crypto');

const apiSecret = "your-api-secret";
const timestamp = Math.floor(Date.now() / 1000);

const hmac = crypto.createHmac('sha512', apiSecret);
hmac.update(timestamp.toString());

const timestampHeader = timestamp;
const signatureHeader = hmac.digest('base64');
const apiKeyHeader = "your-api-key";

import hashlib
import os
import base64
import time

apiSecret = 'your-api-secret';
timestamp = str(int(time.time()))

hmac = hashlib.sha512(random_string.encode('utf-8'))
hmac.update(timestamp.encode('utf-8'))
hash = hmac.digest()
hash_b64 = base64.b64encode(hash).decode('utf-8')

timestamp_header = timestamp
signature_header = hash_b64
api_key_header = 'your-api-key';