Create and Authenticate Transactions
Signing programmatic transactions requires running your own API Signer. Learn more about the feature before you get started with creating transactions.
To programmatically create a transaction, you need to call the Create Transaction API by sending a POST request to the /api/v1/transactions endpoint. To authenticate the request:
- Pass the Access Token in the
Authorization: Bearer <TOKEN>header. - Sign the request body with the API User’s private key, the public key of which you have registered with the API Signer. Use the ECDSA signature scheme over the NIST P-256 curve. The signed message is comprised of the API endpoint timestamp, and request body. Pass the signature in a
x-signatureHTTP header of yourPOSTrequest.
You can use the following code sample as the basis for any type of transaction. The body of the request differs, based on the specific type of transaction you are creating. Examples appear in the pages of Transaction Types.
#!bash
ACCESS_TOKEN='enter your API User Access Token'
PRIVATE_KEY_FILE='private.pem'
ENDPOINT="/api/v1/transactions"
TIMESTAMP="$(($(date +%s) * 1000))"
BODY='{
...
}'
SIGNATURE="$(echo -n "${ENDPOINT}|${TIMESTAMP}|${BODY}" | openssl dgst -sha256 -sign ${PRIVATE_KEY_FILE} | base64 | tr -d \\n)"
echo -n "${ENDPOINT}|${TIMESTAMP}|${BODY}"
curl -v "https://api.fordefi.com${ENDPOINT}" \
-H "Authorization: Bearer ${ACCESS_TOKEN}" \
-H "Content-Type: application/json" \
-H "x-signature: ${SIGNATURE}" \
-H "x-timestamp: ${TIMESTAMP}" \
-d "${BODY}"