English | 中文

This project has moved to https://github.com/railone-io

noumena-OpenAPI

API Specifications

• API requests use HMAC authentication.

• Pagination - Query record lists are all divided into pages, Pagination parameters: page_num represents the page number, page_size represents the size of each page. API DTO uniformly returns total, records.

• Country - Two digit country codes, refer to ISO 3166-1 alpha-2 standards.

• Time management - API requests and responses return a UNIX timestamp, unit being seconds, in order to avoid issues due to regional time differences.

• Amount management - All API requests and responses are of the string data type in order to avoid precision loss.

• All the requests that have a body but don't explicitly define a format are of JSON type, Content-Type: application/json

• API response format standard-

  Field_Name	Type	Description
  code	int	Error code. 0: Normal, non-0: Abnormal
  msg	string	SUCCESS indicates success, error code indicates and describes failure
  result	object	Result

HMAC Authentication

The institution first needs to apply for the API key and API secret that will be used when accessing the API.

Term	Description
User ID	User ID is used to indicate the developer account, is used as the user ID
API key and API secret	Multiple API key + API secret maintained under a User ID, API key is linked with an application, multiple applications are allowed, each application can apply for API access privileges

Client side implementation process:

1. Compose the data that needs to be signed, including-
   • UNIX timestamp, unit being milliseconds: the request time stamp
   • Request method: HTTP method
   • Request API key： API Key
   • Complete request path, including the URL parameters: request URI
   • If there is a request body, the post conversion string of the body also needs to be added: string representation of the request payload
2. Client side generates the signature using HMAC_SHA256 based on the data and API secret
3. Set the Authorization header based on the fixed sequence, i.e. the key is Authorization, and the value is: Noumena:ApiKey:request time stamp:signature (linked using colon)
4. If the server side sets a password when creating the API key and secret, then an Access-Passphrase header needs to be set, i.e., the key is Access-Passphrase, and the value is the password.
5. Client side sends the data, Authorization header, and the Access-Passphrase header (in case there is a fourth step) to the server side, i.e., the final http header sent is as follows:
   • Authorization：Noumena:ApiKey:request timestamp:signature
   • Access-Passphrase：Your API Secret passphrase

How to build the request body string to be signed:

The parameter names of the request body need to be based on the respective ASCII values, pair key and value using =, and connect multiple key-value pairs using & to form a string.

Here is an example body-

{
	"ont_id":"did:ont:Ae9ujqUnAtH9yRiepRvLUE3t9R2NbCTZPG",
	"amount":190,
	"to_address":"AUol16ghiT9AtxRDtNeq3ovhWJ5iaY6iyd"
}

The payload is converted to-

amount=190&ont_id=did:ont:Ae9ujqUnAtH9yRiepRvLUE3t9R2NbCTZPG&to_address=AUol16ghiT9AtxRDtNeq3ovhWJ5iaY6iyd

Example

origin sign data:{}1579185795117GET14db63d7f3614664ad1c71dd134a21dc/api/v1/customers/accounts?page_num=1&page_size=20

Request Url:https://uat.noumena.pro/api/v1/customers/accounts?page_num=1&page_size=20
Authorization:Noumena:14db63d7f3614664ad1c71dd134a21dc:1579185795117:5pVj45P4c+Q8LbGCZgS05WDq9b8/fpAKCDl6drmViW4=
Access-Passphrase:12345678a

{"code":0,"msg":"SUCCESS","result":{"total":7,"records":[{"acct_no":"3206","status":1,"create_time":1579159626000},{"acct_no":"3205","status":1,"create_time":1579159314000},{"acct_no":"3203","status":1,"create_time":1579158803000},{"acct_no":"3202","status":1,"create_time":1579158608000},{"acct_no":"3201","status":1,"create_time":1579157747000},{"acct_no":"acct-zzx","status":1,"create_time":1579144759000},{"acct_no":"acct-zzx3","status":1,"create_time":1579143521000}]}}