.agents/skills/fiat/references/authentication.md
All trading endpoints require either HMAC SHA256, RSA, or Ed25519 signed requests. Always detect the key type before signing, do not assume HMAC.
| Environment | URL |
|---|---|
| Mainnet | https://api.binance.com |
X-MBX-APIKEY: your_api_keyUser-Agent: binance-fiat/1.1.0 (Skill)Include all parameters plus timestamp (current Unix time in milliseconds):
transactionType=...×tamp=1234567890123
Optional: Add recvWindow (default 5000ms) for timestamp tolerance.
Before generating the signature, percent‑encode all parameter names and values using UTF‑8 encoding according to RFC 3986.
Unreserved characters that must not be encoded: A-Z a-z 0-9 - _ . ~
symbol=这是测试币456Percent‑encoded:
symbol=%E8%BF%99%E6%98%AF%E6%B5%8B%E8%AF%95%E5%B8%81456
Important: The exact encoded query string must be used for both signing and the HTTP request.
Generate the signature from the encoded query string.
Create HMAC SHA256 signature of the query string using your secret key:
# Example using openssl
echo -n "transactionType=...×tamp=1234567890123" | \
openssl dgst -sha256 -hmac "your_secret_key"
Create RSA signature of the query string using your private key:
# Example using openssl
echo -n "transactionType=...×tamp=1234567890123" | \
openssl dgst -sha256 -sign private_key.pem | base64
Create Ed25519 signature of the query string using your private key:
# Example using openssl
echo -n "transactionType=...×tamp=1234567890123" | \
openssl pkeyutl -sign -inkey private_key.pem | base64
Add signature parameter to the query string:
transactionType=...×tamp=1234567890123&signature=abc123...
Include User-Agent header with the following string: binance-fiat/1.1.0 (Skill)
Request:
curl -X GET "https://api.binance.com/sapi/v1/fiat/orders" \
-H "X-MBX-APIKEY: your_api_key" \
-H "User-Agent: binance-fiat/1.1.0 (Skill)" \
-d "transactionType=...×tamp=1234567890123&signature=..."
#!/bin/bash
API_KEY="your_api_key"
SECRET_KEY="your_secret_key"
BASE_URL="https://api.binance.com"
# Get current timestamp
TIMESTAMP=$(date +%s000)
# Build query string (without signature)
QUERY="transactionType=...×tamp=${TIMESTAMP}"
# Generate signature
# For HMAC SHA256:
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET_KEY" | cut -d' ' -f2)
# For RSA or Ed25519, replace the above line with the appropriate signing command.
## RSA:
# SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -sign private_key.pem | base64)
## Ed25519:
# SIGNATURE=$(echo -n "$QUERY" | openssl pkeyutl -sign -inkey private_key.pem | base64)
# Make request
curl -X GET "${BASE_URL}/sapi/v1/fiat/orders?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}"\
-H "User-Agent: binance-fiat/1.1.0 (Skill)"