With a private API you have access to make operations in your personal account. For using private API you must generate a private key on
the user API page.
API address :
https://api.orion.finance/v1/{method}
All private API requests must contain the Key and Sign headers.
Key - Your API Key
Sign - POST-request data signed by the "secret" of your key in accordance with the HMAC-SHA512 method.
In addition, all requests must include the POST parameter “nonce”. The nonce parameter is an integer that must always be bigger than the previously used one-time number and should not be incremented by one. Using an era in milliseconds is an easy choice, but be careful with time synchronization if you use the same API key on multiple servers.
All requests return the result in JSON format like this:
{
"status": "success",
"data": ...
}
If the status is
error then in data there will be an error text, if the status is
success then in data there will be requested data.
Example of request, bash:
echo -n "nonce=154264078397400" | \
openssl sha512 -hmac $API_SECRET
curl -X POST \
-d "nonce=154264078397400" \
-H "Key: 3f85a175e992ebc02f582a5f26d00b28" \
-H "Sign: b927b88a99a08ca...f606cc3d6d429f1" \
https://api.orion.finance/v1/get_balance
Example of request, PHP:
<?php
const API_KEY = 'Your API key';
const API_SECRET = 'Your API secret';
$data = [
'currency' => 'BTC'
];
$res = orion_api('get_refill_addr', $data);
var_dump($res);
function orion_api($method, $data) {
if(empty($data['nonce'])) {
$data['nonce'] = microtime(true) * 1000;
}
$data = http_build_query($data);
$sign = hash_hmac('sha256', $data, API_SECRET);
$cl = curl_init( 'https://api.orion.finance/v1/' . $method );
curl_setopt($cl, CURLOPT_RETURNTRANSFER,true);
curl_setopt($cl, CURLOPT_HEADER, 0);
curl_setopt($cl, CURLOPT_TIMEOUT, 5);
curl_setopt($cl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($cl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($cl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($cl, CURLINFO_HEADER_OUT, true);
curl_setopt($cl, CURLOPT_HTTPHEADER, ["Key: " . API_KEY, "Sign: $sign"]);
curl_setopt($cl, CURLOPT_POST, 1);
curl_setopt($cl, CURLOPT_POSTFIELDS, $data);
$ex = curl_exec($cl);
curl_close($cl);
return json_decode($ex) ?: $ex;
}