The API authentication is done using RSA PKCS 1 public-key cryptography algorithm. Each request must be signed with your private key. Follow these steps to sign your request:
Import your private key, whose format is pkcs1-private-pem, to your RSA library. If you are on Node.js, we encourage using Node-RSA
Build the JSON object containing the information to sign:
<aside> ⚠️ Please respect the order
</aside>
{
“security”: {
“nonce”: $nonce,
“timestamp”: $timestamp
},
“queryParams”: $queryParams,
“body”: $body,
}
Generate the JSON string of this object without new lines ('\n') or escaped quotation marks
Generate the SHA256 hash of this string
The signature is done by signing this hashed JSON string with your private key using PKCS1 algorithm, encoded in base64