Every authenticated request will contain these headers:
request['X-Gw-Api-Key'] = api_key
request['X-Gw-Timestamp'] = timestamp
request['X-Gw-Signature'] = signature
var headers = {
"Content-Type": "application/json",
"Accept": "application/json",
"X-Gw-Api-Key": api_key,
"X-Gw-Timestamp": timestamp,
"X-Gw-Signature": signature
}
The API will respond with an authentication error if:
- The API key is missing, invalid, revoked, or not associated with the secret key used to generate the signature
- The timestamp header is missing, invalid, or not within 60 seconds of the server's clock
- The signature header is anything but the correct signature for the supplied timestamp, request method, endpoint and payload using the secret key associated with the provided API key