I am trying to get access to this endpoint
https://binance-docs.github.io/apidocs/spot/en/#query-order-user_data
As you can see it says that signature for this request is not valid, why is that ?
Signature value is secret key binance given to me.
https://testnet.binance.vision/
you can create api key and secret key using above link fast and see if it works for you.
please show me what i am doing wrong and advance thanks!
Related
I'm wondering if anyone else has been able to use the kucoin api. I have been trying to call it from Postman, but the docs are extremely confusing. I am trying to call for lending rates data, and I was thinking that should be at this endpoint:
https://api.kucoin.com/api/v1/margin/lend
This seems to be the correct endpoint, but I can't figure out what the correct headers are to pass in- it's pretty weird that kucoin requires FOUR headers where some are encoded, some are not... Anyway, this is what I'm using:
KC-API-KEY: the key from kucoin browser when making a new api key
KC-API-PASSPHRASE: the passphrase from kucoin browser when making a new api key
KC-API-TIMESTAMP: the current number of seconds since epoch
KC-API-SIGN: the secret from kucoin browser when making a new api key
I have made 4 keys now and am 100% sure I'm using the correct passphrase and secret, but every time I get an error response that it doesn't like either KC-API-SIGN or KC-API-PASSPHRASE...
I have tried sha encoding and base64-ing each of these, but nothing has worked for me so far... Has anyone had any success with kucoin api? what am I doing wrong here??
Thanks!
I am working with the following api:
https://www.football-data.org/documentation/api
I have gotten myself an api key and I tried to make the example request:
https://api.football-data.org/v2/teams/86/matches?status=SCHEDULED
of course I get the error
{"message":"The resource you are looking for is restricted. Please pass a valid API token and check your subscription for permission.","errorCode":403}
So the question is, is how do I give the website my api key to allow me to make these requests?
Looking at the python snippet they create a dictionary with the the api key as a value and pass that to the request. How can I make this in my browser?
I tried
https://api.football-data.org/v2/teams/86/matches?status=SCHEDULED&%22X-Auth-Token%22=%22MYAPIKEY%22
and it did not work.
You are passing your API key as a query parameter, which is not in line with the API specification.
The API needs the key as an HTTP header. You cannot easily do that in a web browser. I'd suggest getting something like Postman or to do it on the command-line:
curl -i -H "X-Auth-Token: MYAPIKEY" "https://api.football-data.org/v2/teams/86/matches?status=SCHEDULED"
You might have figured it out by now, but I am dropping this for anyone else looking on how to do it in Python:
import requests
from pprint import pprint
token = "" # Write the api key emailed to you here
headers = {
'X-Auth-Token': token,
}
r = requests.get('http://api.football-data.org/v2/competitions/EC/teams', headers=headers).json()
pprint(r, indent=2, depth=1, compact=True)
If you're using postman like #Jakob Löhnertz suggested.
You want to first enter the api
Then go over to the Headers tab, put in "X-Auth-Token" as your Key and your unique API token as your value. Hit send and you should be all good.
Finally, be sure to go through here to see the list of available competitions for a free account.
I am trying to use the Privacy API but the Authorization Header is confusing me a lot. I am not sure how to format the header no matter what method I use for calling the request.
Below is the exact format they asked me to use but now I'm not getting any response. If anyone knows how to authorize Privacy's request calls it would help me so much, thank you in advance! Privacy API
If picture describe what you try to do, remove two dots after Autorization in Key input
Key: Autorization (without two dots on the end)
value: api-key xxxxx
I got an API key from Google and then submitted it with this link:
https://maps.googleapis.com/maps/api/geocode/xml?address=1600+Amphitheatre+Parkway,+Mountain+View,+CA&key=<Google API Key>
Obviously, I had my actual key filled in.
The message that came back was:
<GeocodeResponse>
<status>REQUEST_DENIED</status>
<error_message>The provided API key is expired.</error_message>
</GeocodeResponse>
How could the key be expired when I had just generated it?
The client is using oauth signing their request and call my server, I know the client's oauth key and secret, then how can I verify the call is from the actual user? should I calculate the signature with all parameters sent along with the request and compare it with the signature within the request? I am using singpost library.
Thank you, any hint will be very helpful!
OK for the future reference - to validate the signature, this is what I did:
Parse all parameters in the incoming request's header and use all these parameters and my own consumer credential to calculate the signature again, then compare with the incoming signature. It's a pain for me since no proper library can do it in a easy way, I have to write it myself...