/

API Authentication

MyAPI uses API Key and Secret for authentication. All API requests that require authentication must include API Key and signature in the request headers.

Authentication Method

Uses HMAC-SHA256 signature algorithm for request signature verification.

Request Headers

  • X-API-Key: Your API Key
  • X-Signature: Request signature (HMAC-SHA256)
  • X-Timestamp: Timestamp (Unix timestamp in seconds)

Signature Generation

  1. Sort all request parameters (except signature) by parameter name in ASCII order
  2. Concatenate sorted parameters into a string: key1=value1&key2=value2
  3. Append timestamp parameter to the end of the string
  4. Use HMAC-SHA256 algorithm with API Secret as the key to sign the concatenated string
  5. Convert the signature result to a hexadecimal string (lowercase)

Request Parameters

Response Example

{
    "code": 200,
    "msg": "success",
    "data": []
}

Code Example

// PHP示例
$apiKey = "your_api_key";
$apiSecret = "your_api_secret";
$timestamp = time();

// 构建参数字符串
$params = [
    "symbol" => "BTCUSDT",
    
];
ksort($params);
$queryString = http_build_query($params);
$signString = $queryString . "&timestamp=" . $timestamp;

// 生成签名
$signature = hash_hmac("sha256", $signString, $apiSecret);

// 发送请求
$ch = curl_init("https://ziario.com/api/v1/ticker");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    "X-API-Key: " . $apiKey,
    "X-Signature: " . $signature,
    "X-Timestamp: " . $timestamp
]);
$response = curl_exec($ch);
curl_close($ch);

// Python示例
import hmac
import hashlib
import time
import requests

api_key = "your_api_key"
api_secret = "your_api_secret"
timestamp = int(time.time())

params = {
    "symbol": "BTCUSDT",
    "exchange": "binance"
}
sorted_params = sorted(params.items())
query_string = "&".join([f"{k}={v}" for k, v in sorted_params])
sign_string = query_string + f"&timestamp={timestamp}"

signature = hmac.new(
    api_secret.encode(),
    sign_string.encode(),
    hashlib.sha256
).hexdigest()

headers = {
    "X-API-Key": api_key,
    "X-Signature": signature,
    "X-Timestamp": str(timestamp)
}

response = requests.get("https://ziario.com/api/v1/ticker", params=params, headers=headers)
print(response.json())

Related Documentation