Authentication

To ensure the security of your API interactions, Bitpowr requires authentication for each request. This is achieved by including your public/secret key or API key within the Authorization header.

Learn how to obtain your keys by reading our API Key Documentation.

Authorizing API Calls

For the safety of your data, all API requests must be made over HTTPS. Unencrypted HTTP requests are not supported and pose a security risk. Unauthenticated requests will be denied, resulting in an “unauthorized” response.

Each API request requires the Authorization header unless specified otherwise.

Bitpowr offers below authentication methods:

• Bearer Token: A unique token encodes your Public and Secret Key.

Public and Secret Key

To authenticate using the Public Key and Secret Key, you will need to concat them such as {public_key}:{secret_key} and base64 encode the resulting string before passing it along to the Authorization header.

📘

This method gives you admin access to all your accounts

Encoded Token (Deprecated)

You can easily do that in the example below:

let encodedToken = Buffer.from(`{public_key}:{secret_key}`).toString('base64')
console.log("token",encodedToken)

<?php
$str = "$publicKey:$secretKey";
$encodedToken = base64_encode($str);
echo $encodedToken;

?>

import base64
encodedToken = base64.b64encode(f'{public_key}:{secret_key}'.encode('ascii'))
print(encodedToken)

Public Key & Secret Key Hash

You can combine both to get the result key below:

key = f"{public_key}.{secret_key}"

let key = `${public_key}.${secret_key}`

Once you can get the resulting API Key, you can then pass it to your headers as below:

 Authorization: Bearer `encodedToken`

📘

Your API key determines what environments, modes and networks you want to connect with via our developer API/SDK. You can read more about Environment here