CryptoWallet API Services - Crypto Tools for Merchants
Introduction
The CoinPayments API will provide access to our services and information to our sellers. If you would like to see a particular function added, please click the Contact menu item above. API calls are implemented as standard HTTP POST (application/x-www-form-urlencoded) calls to https://cryptowallet.pw/api/
API Setup
The only setup needed is to go to the API page and generate an API key. You will be given a secret and public key used to authenticate your API calls. Make sure you don't share your secret key with any 3rd parties!
Example PHP:
$post_data = 'currency=BTC&version=1&cmd=get_callback_address&public_key=your_api_public_key&format=json';
$private_key = 'your_api_private_key';
$hmac = hash_hmac('sha512', $post_data, $private_key);
echo $hmac;
Example output:
b3010a536931d57eabd83681afc1c28cbe59a1f9273378863b1abc38a0e88b6ec2e436e8e15e94964734629c4084e6d6d97c65bb8783a1d9eb0c35e4ed0a3e0d
Authentication
Every API call has a SHA-512 HMAC signature generated with your secret key. Our server generates it's own HMAC signature and compares it with the API caller's. If they don't match the API call is discarded. The HMAC signature is sent as a HTTP header called 'HMAC'.
The HMAC signature is created from the full raw POST data of your request.
API Response
The API will return an array with 1 or 2 elements: 'status' and 'result'.
The result will always have an 'status' field. If its value is 'success' (case-sensitive) the API call was a success, otherwise it will contain an error message.
If there is data to return to you, it will be stored as an array in the 'result' element.
API POST Fields
API calls are made as basic HTTP POST requests using the following variables:
| Field Name | Description | Required? | |
|---|---|---|---|
| Main Fields These fields will be here for all calls. | |||
| version | 1 | Yes | |
| public_key | Your API public key | Yes | |
| cmd | The API you are calling | Yes | |
| nonce | Optional nonce (an integer that is always higher than in your previous API call) to prevent replay attacks. This is optional, however once used with a particular key it must always be used with that key from then on. | No | |
| format | The format of response to return, json or xml. (default: json) | No | |