API Authentication

Futuric-WaaS uses API keys combined with the concept of signing to authorize API callers.

The following example demonstrates how to sign a payload to obtain a signature and access the "Create User" API. In this API, you must pass the values of "ApiKey", "Signature", and "SubGuid" in the Header, as well as the "subUserId" value in the original Body.

POST: Create Sub User

http://demo-waas-gateway.futuricblock.com/api/v2/wallet/user/create?api-version=2.0

Variable Name	Value Type	Optional	Example
subUserId	string	No	"SUID-32a0fb0e-bdad-4d68-9734-756bdeb24ca9"

Query Parameters

Parameter Name	Value
api-version	2.0

Body (JSON)

{
    "subUserId": "Test_1234"
}

Example Request

curl --location 'http://demo-waas-gateway.futuricblock.com/api/v2/wallet/user/create?api-version=2.0' \
--header 'ApiKey: 4a88c6f1d6d24e46b2b0edd0ad69bac5f' \
--header 'Signature: [Your_Signature]' \
--header 'SubGuid: SUB_00001' \
--data-raw '{
    "subUserId": "SUID-32a0fb0e-bdad-4d68-9734-756bdeb24ca9"
}'

To use RSA digital signatures, you need to convert the entire original body payload string into a Base64 encoded string, as shown below:

Original

{
    "subUserId": "Test_1234"
}

Base64 Encoded

eyJzdWIiOiJ2VzVSVWQ0a0lLaVczdzd4dzN4dWlMIn0=

Then, you will use the RSA private key to sign the Base64 data to obtain the signature string.

You should use the SHA-512 with RSA hashing algorithm, with a signature size of 2048 bits integer, corresponding to the size of the RSA keys

You can also generate and verify signatures on the following website:

https://www.base64encode.org/zh/ https://8gwifi.org/RSAFunctionality?rsasignverifyfunctions=rsasignverifyfunctions&keysize=2048