Some of the endpoints require authentication through API keys.
To generate an API Key
https://trade.enclave.market/spot/AVAX-USDC
Important: The secret key should be treated the same way as a password and not stored in an unencrypted manner. Please place this information in a password manager or key vault.
It is strongly recommended to whitelist the IP addresses which are allowed to make requests for the given API key.
IP addresses can be added in the API KEYS page or immediately after creation.
Up to 16 IP addresses can be added per API key. Only IPv4 addresses are supported at this time.
The default state with no whitelisted addresses (empty whitelist) is to allow requests from any IP. If there are addresses on the whitelist, then only requests from the whitelisted IPs are allowed. Requests from IPs not on the whitelist will error with code 401 and message: "IP addr x.x.x.x is not allowed for key enclaveKeyId_yyyyyyyy"
.
Authenticated REST requests need the following headers:
ENCLAVE-KEY-ID
The key id (including the "enclaveKeyId_" prefix)ENCLAVE-TIMESTAMP
Number of milliseconds since the Unix epoch, this must be within 30 seconds of the time the request is received.ENCLAVE-SIGN
hex representation of SHA256 HMAC of the following four strings concatenated together using the API Secret (including the "enclaveApiSecret_" prefix).
timestamp
identical to the ENCLAVE-TIMESTAMP headermethod
HTTP method in uppercaserequestPath
full path and query parameters of the URL, excluding the hostnamebody
request body stringpackage main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
"fmt"
"io"
"net/http"
"strings"
"time"
)
func main() {
keyId := "enclaveKeyId_KEYID"
apiSecret := "enclaveApiSecret_SECRET"
method := "GET"
base := "<https://api.enclave.market>"
path := "/v1/orders?market=AVAX-USDC&limit=1000"
body := ""
req, _ := http.NewRequest(method, base+path, strings.NewReader(body))
timestamp := fmt.Sprintf("%d", time.Now().UnixMilli())
// Ensure path contains query params `?market=AVAX-USDC&limit=1000`.
concattedString := timestamp + method + path + body
mac := hmac.New(sha256.New, []byte(apiSecret))
mac.Write([]byte(concattedString))
sig := mac.Sum(nil)
req.Header.Set("ENCLAVE-KEY-ID", keyId)
req.Header.Set("ENCLAVE-TIMESTAMP", timestamp)
req.Header.Set("ENCLAVE-SIGN", hex.EncodeToString(sig))
res, err := http.DefaultClient.Do(req)
if err != nil {
fmt.Printf("http err: %s", err)
return
}
data, _ := io.ReadAll(res.Body)
fmt.Printf("Status: %s, Body: %s", res.Status, data)
}