Authentication
To start working with the Rampnow API, all clients must authenticate themselves.
Generate app tokenCopied!
An app token is a secure method of communication with our API. You can create an app token in the Partner Dashboard.
Make requestsCopied!
All requests must contain the following headers:
RN-API-KEY
— an API Key that you generate in the Dashboard.
RN-ACCESS-SIGN
— a request signature in the HEX format. The signature is case insensitive.
RN-ACCESS-TIMESTAMP
— number of seconds since Unix Epoch in UTC.
Attention
All API queries must be sent over HTTPS; plain HTTP will be refused. You must include your auth headers in all requests.
Sign requestsCopied!
The value of the RN-ACCESS-SIGN
header is generated with the sha256 HMAC
algorithm using a secret key (Secret key is generated in the merchant Dashboard as part of API key creation) on the bytes obtained by concatenating the following information:
-
A timestamp (value of the
RN-ACCESS-TIMESTAMP
header) taken as a string. -
An HTTP method name in upper-case, e.g.
GET
orPOST
. -
URI of the request without a host name, starting with a slash and including all query parameters,
e.g. /api/partner/v1/ext/ramp_order/quote?srcCurrency=USD&dstCurrency=BTC
-
Request body, taken exactly as it will be sent. If there is no request body, e.g., for
GET
requests, do not include it.
Your timestamp must be within 1 minute of the API server time. Make sure the time on your server is correct.
Examples of how you can sign your requests:
message = timestamp + 'POST' + url_path + body
hmac_message = hmac.digest(SECRET_KEY.encode(), message.encode(), hashlib.sha256)
Python Example
import time
import base64
import hashlib
import hmac
SECRET_KEY = 'pk_live_asjhdvcjahsgvjqhwcasdv'
payload = '{"dummy": "value"}'
url_path = '/api/partner/v1/ext/ramp_order/quote?srcCurrency=USD&dstCurrency=BTC'
timestamp = str(int(time.time())) # 1727759033
message = timestamp + 'POST' + url_path + json.dumps(payload)
signature = base64.b16encode(hmac.digest(SECRET_KEY.encode(), message.encode(), hashlib.sha256)) # Generated Signature -