Authentication
How we know who you are.
Bitso authenticates client requests using Hash-based Authentication Codes (HMAC). This mechanism combines a cryptographic hash function (SHA-256) with a secret key to generate a unique message authentication code, which ensures message integrity and authenticity. Bitso adds nonce and robust implementation elements to sidestep HMAC's pitfalls.
This section’s content is organized in the following way:
- Create Signed Requests: Details how Bitso’s HMAC signature works and all the steps you need to take to implement it.
- Nonce v2 Rollout: Presents the format of an improved version of the
nonceparameter included in the Auth header payload. - Understand Bitso's Auth Mechanism: Explains how the choices made provide Bitso's customers with a safe and reliable approach to data exchange.
Updated 12 days ago