OpenAPI Document
  1. 2.2 Creating the Bearer Token
OpenAPI Document
  • 1. Overview
    • 1. Overview
  • 2. Authentication
    • 2.1 Introduction
      • 2.1 Introduction
      • Generating an RSA key pair
    • 2.2 Creating the Bearer Token
      • 2.2 Creating the Bearer Token
      • Creating the token
      • Signature Examples
      • JWT Token Specification
        POST
      • Signature Examples
        GET
  • 3. Requests & Responses
    • 3.1 Requests
    • 3.2 Responses
    • 3.2 Responses
      • 3.2.1 Succes Responses
      • 3.2.2 Retrying Requests
      • 3.2.3 HTTP Status Codes
      • 3.2.4 Error Responses
        • Error Response Format
  • 4. Getting Started
    • 4.1 Pagination
      • 4.1 Pagination
    • 4.2 Rate Limiting
      • Rate Limits
    • 4.3 Idempotency
      • Idempotency Fields
    • 4.4 External ID and Metadata
      • 4.4 External ID and Metadata
  • 5. API
    • Health
      • 5.1 Test connectivity
      • 5.2 Test connectivity
    • Accounts
      • 5.3 Get Accounts
      • 5.4 Get Accounts
      • 5.5 Get Balances
    • Transfer
      • 5.6 Create a Transfer
    • Transactions
      • 5.7 Get Account Transactions
    • Conversions
      • 5.8 Get a Quote
      • 5.9 Execute a trade
    • Payouts
      • 5.10 Get Payouts
      • 5.11 Create Payout
      • 5.12 Get Payout Quotation
    • Card Account
      • 5.13 Create Card Account
      • 5.14 Get Card Account Transactions
    • Cards
      • 5.15 Issue Card
      • 5.16 Get Cards
      • 5.17 Activate Card
      • 5.18 Suspend Card
      • 5.19 Unsuspend Card
      • 5.20 Lock Card
      • 5.21 Unlock Card
      • 5.22 Cancel a card
      • 5.23 Get Card Senstiive Info
      • 5.24 Change Card PIN
      • 5.25 Control Spending
    • Digital Custody
      • 5.26 Get Supported Digital Assets
      • 5.27 Get Supported Blockchains
      • 5.28 Create Withdrawal Request
      • 5.29 Get Deposit Addresses
      • 5.30 Generate Deposit Address
    • Countries
      • 5.31 Get Countries
    • Positions
      • 5.32 Get Positions
    • Occupations
      • 5.33 Get Occupations
  • 6. Screenshot Illustration(api+image)
    • 6. Screenshot Illustration(api+image)
  • Schemas
    • 宠物店
      • Pet
      • Category
      • Tag
  1. 2.2 Creating the Bearer Token

2.2 Creating the Bearer Token

Prepare a Bearer token for your API request
1.
Create the signing header and payload, which comprises of a header and a payload portion.
2.
Sign the JWT using your private key with the RSA-SHA256 algorithm.
3.
Add the resulting signed token to the Authorization: Bearer $jwt header in the request.
ORZCash Access API will verify the JWT signature against provided claims and verify the URI, method, and request body of your API request against the claims provided.
In case of a token verification error, ORZCash Access API will return HTTP Code 401 Unauthorized with the error code INVALID_SIGNATURE
JWT Token Specification
The JWT token shall be created in accordance to the following specification
header
alg RS256
typ JWT
payload/claims
sub - ORZCash Access Key, (ie. 899a7a89-bb6b-4d43-a702-c6aa45dd89cf
iat The time at which the JWT was issued, in seconds since Epoch.
exp The expiration time on and after which the JWT must not be accepted for processing, in seconds since Epoch. It must be less than iat+30sec.
body Hex-encoded SHA-256 hash of the raw HTTP request body. When an empty HTTP content body is provided (ie. GET requests) this field is optional
uri The URI part of the request. e.g. /v1/transactions?filter=123
method The HTTP method of the request. e.g. POST
Modified at 2022-12-29 06:17:43
Previous
Generating an RSA key pair
Next
Creating the token
Built with