Authentication
To start working with the Rampnow API, all clients must authenticate themselves.
Generate app tokenCopied!
An app token is a secure method of communication with our API. You can create an app token in the Partner Dashboard.
Make requestsCopied!
All requests must contain the following headers:
X-RAMPNOW-API-KEY
— an API Key that you generate in the Dashboard.
X-RAMPNOW-SIGN
— a request signature in the HEX format. The signature is case insensitive.
X-RAMPNOW-TIMESTAMP
— number of seconds since Unix Epoch in UTC.
Attention
All API queries must be sent over HTTPS; plain HTTP will be refused. You must include your auth headers in all requests.
Sign requestsCopied!
The value of the X-RAMPNOW-SIGN
header is generated with the sha256 HMAC
algorithm using a secret key (Secret key is generated in the merchant Dashboard as part of API key creation) on the bytes obtained by concatenating the following information:
-
A timestamp (value of the
X-RAMPNOW-TIMESTAMP
header) taken as a string. -
An HTTP method name in upper-case, e.g.
GET
orPOST
. -
URI of the request without a host name, starting with a slash and including all query parameters,
e.g. /api/partner/v1/ext/ramp_order/quote?srcCurrency=USD&dstCurrency=BTC
-
Request body, taken exactly as it will be sent. If there is no request body, e.g., for
GET
requests, do not include it.
Your timestamp must be within 1 minute of the API server time. Make sure the time on your server is correct.
Examples of how you can sign your requests:
message = timestamp + 'POST' + url_path + body
hmac_message = hmac.digest(SECRET_KEY.encode(), message.encode(), hashlib.sha256)
Python Example
import time
import base64
import hashlib
import hmac
import json
import requests
SECRET_KEY = 'api-secret-key'
API_KEY = 'api-key'
base_url = 'https://api.rampnow.io'
path = '/api/partner/v1/ext/ramp_order/quote'
payload_data = {
"orderType": "buy",
"srcAmount": "100.0",
"srcCurrency": "EUR",
"srcChain": "fiat",
"dstChain": "ethereum",
"dstCurrency": "ETH",
"paymentMode": "card",
"apiKey": API_KEY,
"walletAddress": "0x6782f3309EAE59BbffbE87d9f3d4117298861468",
"walletAddressTag": "",
"externalOrderId": "ajsdiauhdiqw7e78322wrnbjsahd",
}
payload = json.dumps(payload_data)
timestamp = str(int(time.time()))
message = timestamp + 'POST' + path + payload
signature = base64.b16encode(hmac.digest(SECRET_KEY.encode(), message.encode(), hashlib.sha256)).decode().lower()
headers = {
'X-RAMPNOW-API-KEY': API_KEY,
'X-RAMPNOW-SIGN': signature,
'X-RAMPNOW-TIMESTAMP': timestamp,
'Content-Type': 'application/json'
}
url = base_url + path
response = requests.post(url, headers=headers, data=payload)
print(response.status_code, response.text)