Generate Request Signature
Orderly uses theed25519 elliptic curve standard for request authentication via signature verification.
Orderly Account ID
Register your account and obtain your account ID. The registration steps are provided here.
Add your account ID to the request header as
orderly-account-id.Orderly Key
Add your Orderly public key to the request header as
orderly-key. To generate and add a new Orderly Key, see the documentation.
You can also obtain Orderly keys from frontend builders like WOOFi Pro.Timestamp
Take the current timestamp in milliseconds and add it as
orderly-timestamp to the request header.Normalize request content
Normalize the message to a string by concatenating the following:
- Current timestamp in milliseconds, e.g.
1649920583000 - HTTP method in uppercase, e.g.
POST - Request path including query parameters (without base URL), e.g.
/v1/orders?symbol=PERP_BTC_USDC - (Optional) If the request has a body, JSON stringify it and append
Generate signature
Sign the normalized content using the
ed25519 algorithm, encode the signature in base64 url-safe format, and add the result to the request header as orderly-signature.Content type
Set the
Content-Type header:GETandDELETE:application/x-www-form-urlencodedPOSTandPUT:application/json
The Orderly Key should be used without the
ed25519: prefix when used in code samples below.Minimal Example
This is a concise, single-file TypeScript example that demonstrates how to sign and send a request to the Orderly API using the@noble/curves library.
Full Example
- Java
- Python
- TypeScript
- Shell
Security
Orderly validates every request through three checks. A request must pass all three to be accepted.Request Timestamp
The request is rejected if theorderly-timestamp header differs from the API server time by more than 300 seconds.
Signature Verification
Theorderly-signature header must be a valid ed25519 signature generated from the normalized request content and signed with your Orderly secret key.
Orderly Key Validity
Theorderly-key header must reference a key that has been added to the network, is associated with the account, and has not expired.