CoinPayments Documentation

Skip to content

>

Mode: standard

Generate API Signature

Prerequisites

CoinPayments API Integration
Integration Client ID
Integration Client Secret

Construct Unique Request

Concatenate the following data together to form the unique request message:

\ufeff (Byte Order Mark)
HTTP method
URL
Integration Client ID
Timestamp (UTC ISO-8601 YYYY-MM-DDTHH:mm:ss)
Request payload (JSON)

Hash Message

Hash the unique request message using SHA-256, with the client secret as the key.

Encode Message

Base64 encode the resulting SHA-256 hash.

Set `X-CoinPayments-Signature` Header

Use the Base64-encoded value in the X-CoinPayments-Signature header.

See request headers for more information.

Example: Generate API Signature

The following example is written in Node.js.

Node.js

import { createHmac } from 'node:crypto';
import axios from 'axios';
 
// Pull sensitive data from environment. 
const integration = {
	clientId: process.env.INTEGRATION_CLIENT_ID,
	clientSecret: process.env.CLIENT_SECRET
};
 
// Retrieve the current date in UTC ISO-8601 format 
// format YYYY-MM-DDTHH:mm:ss (excluding milliseconds and timezone) 
const isoDate = new Date().toISOString().split('.')[0]; // i.e. 2025-03-01T02:30:00 
 
// Define request method, URL, and payload. 
const request = { 
	method:'POST', 
	url: 'https://a-api.coinpayments.net/api/v1/merchant/wallets', 
	data: { 
		currencyId: 2,
		label: 'Online Shop Wallet',
		webhookUrl: 'https://api.my-store.com/webhooks/endpoint',
	}, // or null 
	headers: { 
		'X-CoinPayments-Client': integration.clientId, 
		'X-CoinPayments-Timestamp': isoDate, 
		'X-CoinPayments-Signature': '' // generated below 
	} 
}
 
// Convert payload to JSON string. 
const payloadMessage = request.data ? JSON.stringify(request.data) : ''; 
 
// Construct the unique request message. 
const message = `\ufeff${request.method}${request.url}${integration.clientId}${isoDate}${payloadMessage}`; 
 
// Hash the message using SHA-256, digesting in Base64. 
const signature = createHmac('sha256', integration.clientSecret) 
					.update(message) 
					.digest('base64'); 
 
// Set request header. 
request.headers['X-CoinPayments-Signature'] = signature; 
 
// Send API request. 
axios(request) 
	.then((response) => console.log(response.data))
	.catch((err) => console.log(`Error code: ${err.status}`));