Binance API call with SHA56 and Python requests

Asked 2/2, 2018 at 23:46 Answered 14/11, 2023 at 14:43

python python-3.x python-requests sha256 sha

Haven't worked in Python much and I'm obviously not sending the proper signature being asked for. How do I hash it and pass it in properly?

SIGNED endpoints require an additional parameter, signature, to be sent in the query string or request body.
Endpoints use HMAC SHA256 signatures. The HMAC SHA256 signature is a keyed HMAC SHA256 operation. Use your secretKey as the key and totalParams as the value for the HMAC operation.
The signature is not case sensitive.
totalParams is defined as the query string concatenated with the request body.

Full Documentation: https://github.com/binance-exchange/binance-official-api-docs/blob/master/rest-api.md

import requests, json, time, hashlib


apikey = "myactualapikey"
secret = "myrealsecret"
test = requests.get("https://api.binance.com/api/v1/ping")
servertime = requests.get("https://api.binance.com/api/v1/time")

servertimeobject = json.loads(servertime.text)
servertimeint = servertimeobject['serverTime']

hashedsig = hashlib.sha256(secret)

userdata = requests.get("https://api.binance.com/api/v3/account",
    params = {
        "signature" : hashedsig,
        "timestamp" : servertimeint,
    },
    headers = {
        "X-MBX-APIKEY" : apikey,
    }
)
print(userdata)

I am getting

{"code":-1100,"msg":"Illegal characters found in parameter 'signature'; legal range is '^[A-Fa-f0-9]{64}$'."}

Kane answered 2/2, 2018 at 23:46 Comment(1)

You'll have to use hmac – Clerestory 2/2, 2018 at 23:51

This:

hashedsig = hashlib.sha256(secret)

Gives you a hash object, not a string. You need to get the string in hex form:

hashedsig = hashlib.sha256(secret).hexdigest()

You could have figured this out by comparing the documentation you linked (which shows they require hex strings) with your original hashedsig and the functions it provides.

Secondly, as a commenter pointed out, you need to apply HMAC, not just SHA256:

params = urlencode({
    "signature" : hashedsig,
    "timestamp" : servertimeint,
})
hashedsig = hmac.new(secret.encode(), params.encode(), hashlib.sha256).hexdigest()

Grapery answered 2/2, 2018 at 23:53 Comment(0)

Quick code to access SIGNED endpoints


# 1 - Imports
import urllib, hashlib, hmac, time

# 2 - Your parameters : Modify the values below
binance_base_url = "https://api.binance.com"
endpoint = "your_signed_endpoint"
    
api_key = "your_api_key"
api_secret = "your_api_secret"
    
params = {
    # Add here your endpoint params
    "timestamp" : int(time.time() * 1E3)
}

# 3 - Generating the signature and the headers
query_string = urllib.parse.urlencode(params)
signature = hmac.new(api_secret.encode(), query_string.encode(), hashlib.sha256).hexdigest()
params["signature"] = signature
headers = {
    "X-MBX-APIKEY": api_key
}

# 4 - Making the API call
response = requests.get(binance_base_url + endpoint, params = params, headers = headers)

print(response.json())

Unitarian answered 14/11, 2023 at 14:43 Comment(0)

Recommended topics

Hot tags