# Authenticate with API Key

## Step by step

1. Create your user API Key and add permissions
   1. [#create-api-key](#create-api-key "mention")
2. Create a Signature
   1. [#create-a-signature](#create-a-signature "mention")
3. Authenticate via API 
   1. [#authenticate-via-api](#authenticate-via-api "mention")

## Create API KEY

Navigate through the admin UI to your user profile.

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2Fmnq1CrfTc4N7dyoUMREx%2Fimage.png?alt=media&#x26;token=8d8ed4a7-af7e-44c1-b642-a7623fd27add" alt=""><figcaption></figcaption></figure>

Click on the API KEYS option.

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2FOzNeVSEh7M9mMMZ5oOFa%2Fimage.png?alt=media&#x26;token=f08db89f-ea73-450b-a5e6-7af7c4ac838b" alt=""><figcaption></figcaption></figure>

Click on 'Create your API KEY'. You will see the following:

Depending on how you plan to use your API KEY, please choose from the available options. If you want to restrict usage by IP address, you can add the allowed IP in the designated field. Remember, you can always modify this later.

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2FeeARBh6gdCfp82BCXzkg%2Fimage.png?alt=media&#x26;token=bf590733-5f7b-405f-b1ec-957289938576" alt=""><figcaption></figcaption></figure>

When you click on 'Create API Key', you will see your API KEY, API SECRET, and NONCE displayed on screen only once. You can download them using the 'Export to JSON' button. It's very important to store them in a safe place, as you will need them later.

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2F2KGHFMsmxHAOo6egQnCe%2Fimage.png?alt=media&#x26;token=36fc14cc-1a53-4f15-8cfe-e66a10e1c963" alt=""><figcaption></figcaption></figure>

To save, click the button confirming that you've securely stored your credentials, then close the modal. Your new API KEY will now appear in the list, and you can edit or delete it as needed.

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2FwbXZmRShVidXVt6LYSX4%2Fimage.png?alt=media&#x26;token=96e58989-c800-4fdf-8b8c-e30cc38f53cd" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2FjVUt8DsQ6D971XbWuFwD%2Fimage.png?alt=media&#x26;token=bea22745-cd46-4a20-973d-502e81a8e4e7" alt=""><figcaption></figcaption></figure>

## Create a Signature

To generate a signature, you will need the API Secret, Nonce, User ID, and API Key, which are all generated, You can generate a signature by using a tool such as <https://codebeautify.org/hmac-generator> The algorithm will be SHA256, the Key will be the API Secret, and the plain text message will be composed of a combination the Nonce, User ID, and API key, in that exact order with no spaces. An example is listed below.

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2FFAmh4CjmbpuqoaLtAi9A%2Fimage.png?alt=media&#x26;token=036b826e-e084-4bf6-b88e-590261566c11" alt=""><figcaption></figcaption></figure>

## Authenticate via API

Follow the example in the image, add the APIKEY, Signature, UserId, and Nonce to the request headers, and call the `AuthenticateUser` endpoint. This will successfully authenticate you.

<figure><img src="https://3914576130-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLp9bjbiKt9M7tGE7GNdh%2Fuploads%2FZLBgkYJMzZ7Dk2HSkN6a%2Fimage.png?alt=media&#x26;token=f92373d5-2777-4870-be4e-80c835a8b1f5" alt=""><figcaption></figcaption></figure>

## POST /AuthenticateUser

> Authenticate user session

```json
{"openapi":"3.0.3","info":{"title":"Trading API","version":"1.0.0"},"servers":[{"url":"https://apstage.proxy.kiiex.io/ap","description":"Staging Environment"},{"url":"https://alphaprod.proxy.kiiex.io/ap","description":"Production Environment"}],"paths":{"/AuthenticateUser":{"post":{"summary":"Authenticate user session","operationId":"authenticateUser","requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","properties":{"APIKey":{"type":"string"},"Signature":{"type":"string"},"UserId":{"type":"string"},"UserName":{"type":"string"},"Nonce":{"type":"string"}}}]}}}},"responses":{"200":{"description":"Authentication result","content":{"application/json":{"schema":{"type":"object","properties":{"authenticated":{"type":"boolean"},"user":{"type":"object","properties":{"userId":{"type":"integer"},"userName":{"type":"string"},"email":{"type":"string"},"emailVerified":{"type":"boolean"},"accountId":{"type":"integer"},"omsId":{"type":"integer"},"use2FA":{"type":"boolean"}}}}}}}}}}}}}
```

In the response, you will receive a session token. Use it in all subsequent requests by including it in the headers as the value of `aptoken`.