Skip to main content
Certain Anchorage endpoints require an Ed25519 signature in the request headers alongside the API key. Signatures are optional unless explicitly required, but are encouraged for all requests for maximum security. The Api-Signature is valid for 60 seconds.

Signature input

Create the signature by concatenating these values:
For requests without a body, omit the body from the signature input. For requests with a JSON body, sign the exact bytes sent over the wire — that is, JSON.stringify(body) with no extra whitespace. Any difference (stray spaces, trailing newlines, key reordering) will produce a signature the server rejects.

Sign a request

JSON.stringify(body) produces the same compact bytes the server signs against, so you don’t need to pre-serialize the request manually. The live signer above applies the same canonicalization to anything you paste into the body field.