Signing Requests

Complete working examples for signing and sending requests to the NODE40 Balance API V2.

Bash

#!/bin/bash

PROFILE="<PROFILE_GUID>"
APIKEY="<KEY>"
APISECRET="<SECRET>"

ENDPOINT=/v2/accounts

TIMESTAMP=$(($(date +'%s * 1000 + %-N / 1000000')))
SIGNATURE_DATA="${ENDPOINT}${TIMESTAMP}"

SIGNATURE=$(echo -n "$SIGNATURE_DATA" | openssl dgst -sha256 -hmac "$APISECRET" -binary | xxd -p -c 256)

curl -H "x-api-key: ${APIKEY}" \
  "https://balance-api.node40.com${ENDPOINT}?timestamp=${TIMESTAMP}&signature=${SIGNATURE}"

Node.js

import { createHmac } from "node:crypto";
import { request } from "node:https";

const API_KEY    = "<KEY>";
const API_SECRET = "<SECRET>";
const PROFILE    = "<PROFILE_GUID>";
const BASE_URL   = "https://balance-api.node40.com";

const endpoint  = "/v2/ledgers";
const timestamp = Date.now();

// Signature = HMAC-SHA256( "{endpoint}{timestamp}", secret )
const signature = createHmac("sha256", API_SECRET)
  .update(`${endpoint}${timestamp}`)
  .digest("hex");

const url = new URL(`${BASE_URL}${endpoint}`);
url.searchParams.set("timestamp", timestamp);
url.searchParams.set("signature", signature);

const req = request(url, { headers: { "x-api-key": API_KEY, "x-node40-profile": PROFILE } }, (res) => {
  let body = "";
  res.on("data", (chunk) => body += chunk);
  res.on("end", () => console.log(JSON.parse(body)));
});
req.end();

Python

import hmac
import hashlib
import time
import requests

API_KEY    = "<KEY>"
API_SECRET = "<SECRET>"
BASE_URL   = "https://balance-api.node40.com"

endpoint  = "/v2/accounts"
timestamp = str(int(time.time() * 1000))

# Signature = HMAC-SHA256( "{endpoint}{timestamp}", secret )
signature_data = f"{endpoint}{timestamp}"
signature = hmac.new(
    API_SECRET.encode(), signature_data.encode(), hashlib.sha256
).hexdigest()

url = f"{BASE_URL}{endpoint}?timestamp={timestamp}&signature={signature}"
response = requests.get(url, headers={"x-api-key": API_KEY})
print(response.json())