Authentication
How we know who you are.
Bitso authenticates client requests using Hash-based Authentication Codes (HMAC). This mechanism combines a cryptographic hash function (SHA-256) with a secret key to generate a unique message authentication code, which ensures message integrity and authenticity. Bitso adds nonce and robust implementation elements to sidestep HMAC's pitfalls.
This section’s content is organized in the following way:
- Create Signed Requests: The article details how Bitso’s HMAC signature works and all the steps you need to take to implement it.
- Understand Bitso's Auth Mechanism: This write-up explains how the choices made provide Bitso's customers with a safe and reliable approach to data exchange.
Updated about 1 month ago