Authentication

Authentication is performed using the Ethereum key of the user, or an API on the account. Each request to the protected endpoints must include specific headers that provide the credentials and details of the request.

Required Headers

Synquote-Signature: The Ethereum key authentication signature.
Synquote-Timestamp: The epoch timestamp of when the request was signed. This timestamp must be within 30 seconds of the server time to be considered valid.

Parameters to Sign

method: The HTTP method used (e.g., GET, POST).
requestPath: The API endpoint path (e.g., /trading/cancel_order).
timestamp: The epoch timestamp when the request is signed.

Example of Signing a Request

Here's how you can sign a request using Python3:

from datetime import datetime, timezone
from eth_account import Account
from web3 import Web3

def sign_request(private_key, method, request_path):
    wallet = Account.from_key(private_key)
    timestamp = int(datetime.now(timezone.utc).timestamp())

    message = f"{timestamp},{method},{request_path}"
    message_hash = Web3.keccak(text=message)
    signed_message = wallet.signHash(message_hash).signature.hex()
    return signed_message, str(timestamp)