Access Key

Permission

We need to confirm who you are and you have access to our developers' APIs. So, we always ask you to sign any request by ACCESS_KEY and SECRET_KEY.

note

Visit: Guides - Generate new key for instruction on creating a key by steps.

Examples

Ruby

# Config your keys
access_id = "YOUR_ACCESS_KEY"
secret_key = "YOUR_SECRET_KEY"
api_endpoint = "https://api.remitano.com/api/v1/coin_accounts/me?coin_currency"
# Make a request
request = Curl::Easy.new(api_endpoint)
## always set header Content-Type with application/json
request.headers["Content-Type"] = "application/json"
# Sign the request with the keys
# https://www.rubydoc.info/gems/api-auth/2.4.1/ApiAuth.sign!
signed = ApiAuth.sign!(request, access_id, secret_key, :override_http_method => "GET")
# signed
signed.perform
signed.body_str
# ...

PHP

For PHP you can use remitano-php library to authenticate and send API request to Remitano

$client = new Remitano\Api\RemitanoClient([
'apiKey' => 'your-api-key',
'apiSecret' => 'your-api-secret',
'authenticatorSecret' => 'your-authenticator-secret'
]);
$client->get('users/coin_accounts');
$client->post('offers/best', [
"country_code" => "my",
"offer_type" => "buy",
"coin_currency" => "btc",
"coin_amount" => 1
]);

Javascript (Node.js)

const crypto =require('crypto');
const axios = require('axios');
const REMITANO_BASE_URL = 'https://api.remitano.com/api/v1';
const REMITANO_SECRET_KEY = process.env['REMITANO_SECRET_KEY']
const REMITANO_ACCESS_KEY = process.env['REMITANO_ACCESS_KEY']
const computeHmac = (secret, method ='sha256', data) => {
const hmac = crypto.createHmac(method, secret);
hmac.update(typeof data === 'string' ? data : JSON.stringify(data));
return Buffer.from(hmac.digest()).toString('base64');
}
const computeMD5 = (data) => {
const md5 = crypto.createHash('md5');
md5.update(typeof data === 'string' ? data : JSON.stringify(data));
return Buffer.from(md5.digest()).toString('base64');
}
const remitanoApi = {
request: async (url, method = "GET", data = "") => {
const headers = {
'Content-Type': 'application/json',
'Content-MD5': computeMD5(data),
'date': new Date().toUTCString(),
}
const requestUrl = `/api/v1/${url}`;
const requestString = `${method},application/json,${headers["Content-MD5"]},${requestUrl},${headers['date']}`;
const sig = computeHmac(REMITANO_SECRET_KEY, 'sha1', requestString);
headers.Authorization = `APIAuth ${REMITANO_ACCESS_KEY}:${sig}`;
return axios.request({
baseURL: REMITANO_BASE_URL,
headers,
method,
url,
data
});
}
}
const getUser = await remitanoApi.request("users/me");

Other programming languages

For other progamming languages, please follow these instructions to sign each API request with your Access Key:

  1. Hash the request body with MD5 then base64 encode it and set the header Content-MD5 with this value.

  2. Set the header Date with RFC2616 format (eg: Tue, 15 Nov 2020 12:45:26 GMT)

  3. Combine the following data to a comma-separated string:

    • Request Method (eg: POST, GET, PUT)
    • Header Content-Type (usually application/json)
    • Header Content-MD5 (the value from step 1)
    • Request target (eg: /api/v1/users/coin_accounts)
    • Header Date (the value from step 2)

    eg:

    POST,application/json,eyJ1c2VyOmFzZGN4emN6eGMiLEEic2R4YXNkYWFzZH0=,/api/v1/users/coin_accounts,Tue, 15 Nov 2020 12:45:26 GMT

  4. Hmac the string from step 3 with SHA1 algorithm and your SECRET_KEY as key, then base64 encode it.

  5. Set the header Authorization with value:

    APIAuth {YOUR_ACCESS_KEY}:{hmac value from step 4}

    eg:

    APIAuth a4c60313f2ce6a0d934:N2IxZjhhNTFlMGI1NmQ1ZmY2MTBkY2I1MTI2ZjY2YTU=