bybit . API V5 . rest . authentication 처리

 

Parameters for Authenticated Endpoints

The following http header keys must be used for authentication:

X-BAPI-API-KEY :   API key
X-BAPI-TIMESTAMP : UTC timestamp in milliseconds
X-BAPI-SIGN  : a signature derived from the request's parameters
X-Referer or Referer :  the header for broker users only

 

We also provide X-BAPI-RECV-WINDOW (unit in millisecond and default value is 5,000) to specify how long an HTTP request is valid. It is also used to prevent replay attacks.

A smaller X-BAPI-RECV-INDOW is more secure, but your request may fail if the transmission time is greater than your X-BAPI-RECV-WINDOW.

 

 

 

코드에서 보안키 처리 .

처리1 . timestamp + API key + (recv_window) + (queryString | jsonBodyString)

처리2 . Use the HMAC_SHA256 or RSA_SHA256 algorithm to sign the string in step 1, and convert it to a hex string (HMAC_SHA256) / base64 (RSA_SHA256) to obtain the sign parameter.

 

처리3. Append the sign parameter to request header, and send the HTTP request. Note: the plain text for GET and POST requests is different. Please refer to blew examples.

 

 

GET 인 경우 

# rule:
timestamp+api_key+recv_window+queryString

# param_str
"1658384314791XXXXXXXXXX5000category=option&symbol=BTC-29JUL22-25000-C"

# parse
timestamp = "1658384314791"
api_key = "XXXXXXXXXX"
recv_window = "5000"
queryString = "category=option&symbol=BTC-29JUL22-25000-C"

 

POST 인 경우 

# rule:
timestamp+api_key+recv_window+raw_request_body

# param_str
1658385579423XXXXXXXXXX5000{
"category": "option"
}

# parse
timestamp = 1658385579423
api_key = XXXXXXXXXX
recv_window = 5000
raw_request_body = {"category": "option"}

 

 

HTTP request examples

GET 

GET /v5/order/realtime?category=option&symbol=BTC-29JUL22-25000-C HTTP/1.1
Host: api-testnet.bybit.com
-H 'X-BAPI-SIGN: XXXXXXXXXX' \
-H 'X-BAPI-API-KEY: XXXXXXXXXX' \
-H 'X-BAPI-TIMESTAMP: 1658384431891' \
-H 'X-BAPI-RECV-WINDOW: 5000'

 

POST

POST /v5/order/create HTTP/1.1
Host: api-testnet.bybit.com
-H 'X-Referer: XXXXXXXXXX' \ [the header for broker users only]
-H 'X-BAPI-SIGN: XXXXXXXXXX' \
-H 'X-BAPI-API-KEY: XXXXXXXXXX' \
-H 'X-BAPI-TIMESTAMP: 1658385589135' \
-H 'X-BAPI-RECV-WINDOW: 5000' \
-H 'Content-Type: application/json' \
-d '{
"category": "option"
}'

 

 

 

 

 

VC++ 에서 authentication 적용 GET 코드 구현예. 

int CCyRestBybit_Spot::http_get_OpenOrders(CCyD_CyFinSymbol::Symbol* p_symbol, std::string current_page_cursor, std::string* next_page_cursor)
{
    std::string str_query; 

    if (current_page_cursor.compare("first_igotit") == 0)
    {
        str_query = "category=spot&symbol=" + p_symbol->map_FieldValue["name_api"] + "&limit=50";
    }
    else
    {
        str_query = "category=spot&symbol=" + p_symbol->map_FieldValue["name_api"] + "&limit=50" + "&cursor=" + current_page_cursor;
    }
     
    // 처리1. timestamp+api_key+recv_window+queryString  
    std::string timestamp = std::to_string(CyUtilTime::get_time_ms()); // 밀리초 단위의 현재시각.
    std::string recv_window = "5000";
    std::string str_hmac_input = timestamp + m_ApiKey + recv_window + str_query;

    // 처리2. HMAC_SHA256
    std::string sign = m_CCyUtilSSL.hmac_sha256(m_ApiSecret.c_str(), str_hmac_input.c_str());

    // 처리3. http header 
    std::string http_header = "";
 
    http_header.append("X-BAPI-SIGN: " + sign);
    http_header.append("\nX-BAPI-API-KEY: " + m_ApiKey);
    http_header.append("\nX-BAPI-TIMESTAMP: " + timestamp);
    http_header.append("\nX-BAPI-RECV-WINDOW: " + recv_window);
    http_header.append("\nContent-Type: application/json");
    

    // 처리4. http get with header. 
    std::string url_with_query = m_AddressBase + URL_OpenOrders_V5 + "?" + str_query;
    
    std::string result;
    m_CCyRestAPI.https_get_header(url_with_query, http_header, &result);


    //수신된 result 파싱처리. 

    rapidjson::Document m_RJDoc;
    
 ....   
 }

 

 

 

 

 

authentication 정보 오류 있는 것을 요청한 경우  헤더 응답

- 오류 예. 1. header 에 기록할 항목 오류 있는 경우.  2. signature 잘못 생성한 경우. 

 

 

오류없이 정상적으로 서버에 접수된 경우 헤더 응답. 

 

 

 

상위정리

 

bybit api v5 . 활용방법 정리

 

 

---

첫 등록 : 2023.10.26

최종 수정 : 

단축 주소 : https://igotit.tistory.com/4956

---