WSPN
Language
  • English
Version
  • V1.0
HomeWallet
Language
  • English
Version
  • V1.0
HomeWallet
Twitter
Telegram
Linkedin
  1. English
  • Introduction
  • Get Started
  • Signature
  • What is WUSD
  • Webhook Service
  • Sandbox Environment
  • Blockchain Confirmations
  • Appendix
  • API Keys
  • Core Functionality
    • Core Functionality
    • Quickstart: Deposit via Blockchain Wallet
    • Quickstart: Withdraw via Blockchain Wallet
    • Quickstart: Deposit via Funds Transfer
    • Quickstart: Withdraw to Bank
  • Api Reference
    • Authentication
      • Get Access Token
      • Refresh Access Token
    • Wallet
      • Address
        • Get Deposit Address
        • Add Whitelist Address
        • Get Whitelist Address
        • Delete Whitelist Address
      • Remit Info
        • Get Deposit Remit Info
        • Add Remit Info
        • Edit Remit Info
        • Get Remit Info
        • Delete Remit Info
      • Transaction
        • Get Balance
        • Create Fiat Deposit
        • Create Fiat Withdraw
        • Create Crypto Withdraw
        • Get Fiat Transaction
        • Get Exchange Rate
        • Create Mint/Redeem
        • Mint/Redeem History
        • Get Mint Redeem Receipt
        • Get Fiat Transaction Receipt
        • Get Crypto Transaction Receipt
  1. English

Signature

1. Request Signature#

For key function API requests, the signature are mandatory in the HTTP Header for security reason. You can apply to all the API requests as well.
1.1. Components of signature before hash:
• HTTP Method: In uppercase.
• Timestamp: Timestamp number in millis, Singapore timezone. The request will be failed if the timestamp is before or after 2 minutes.
• URL: The request URL without scheme and hostname.
• Querystring: The in-URL parameters without the prefix ?, un-encoded.
• Request Body: For string-based body, empty if not set. Must exactly same as the actually request body, including the invisible characters.
1.2. You need to combine these values by sequence, for example:
1.3. Generate the signature string after you get the string to sign in the 2nd step, then you can generate the signature string by using HMAC-SHA512 method and Base64 encoding with the Sign Key from Before Integration.
1.4. Append signature to HTTP headers beside the Authorization header every request needed, the following headers are also need to add when perform a request:
• D-TIMESTAMP: The timestamp value should be same as Timestamp component in signature.
• D-SIGNATURE: The signature string generated.

2.Response Signature#

The Response Signature follows the same signing rules as the request. The customer is responsible for verifying the signature in the response using the same process.
Verification Process:
2.1. The customer will use the same signature components (HTTP method, timestamp, URL, querystring, and response body) to generate the signature string.
2.2. The signature is verified by comparing the generated signature with the D-SIGNATURE header in the response.
2.3. If the signatures match, the response is valid. If they do not match, the response should be rejected.

3.JAVA Signature Example#

4.JavaScript Signature Example#

Previous
Get Started
Next
What is WUSD
Built with