I am trying to use Crypto.com API and when I am calling private/create-order to buy an instrument I am getting 401 Http status code with 40101 code, which means
Unauthorised – Not authenticated, or key/signature incorrect
I tried calling private/user-balance and i can successfully get my balance so it can’t be the IP.
The difference between two calls is that balance call is a get call and has no params; however, the create order call does have params and when I am building the signature which is required for all authenticated calls, the params are also part of the signature and I believe I am doing something wrong there.
I am following this documentation -> https://exchange-docs.crypto.com/exchange/v1/rest-ws/index.html#introduction
This is my code for building the signature
Sign the request using HMAC SHA256
def sign_request(method, params, request_id):
"""Generate the signature following the HMAC-SHA256 process."""
# Step 1: Sort the request parameters alphabetically
if params:
param_str="".join([f'{key}{params[key]}' for key in sorted(params)])
else:
param_str=""
# Step 2: Concatenate method, request id, api_key, param_str, and nonce
nonce = str(int(time.time() * 1000))
signature_payload = method + request_id + API_KEY + param_str + nonce
# Step 3: Create the HMAC-SHA256 signature using the API_SECRET
signature = hmac.new(
bytes(API_SECRET, 'utf-8'),
bytes(signature_payload, 'utf-8'),
hashlib.sha256
).hexdigest() # Step 4: Output the signature as a hex string
return signature, nonce
and this is what I am sending in as params
Params
params = {
'instrument_name': symbol,
'side': side, # 'buy' or 'sell'
'type': 'MARKET', # or 'LIMIT'
'price': price,
'quantity': quantity,
'client_oid': client_oid # Add client order ID
}
You need to sign in to view this answers