# Ambro API

You want to use ambro solutions to enable the buying and selling of crypto by thematic to your customers. Here is a document explaining how to use our API to allow you to manage your users, their KYC, their purchase and sale of crypto. For more information on ambro do not hesitate to discover our website [https://ambro-crypto.fr](#user-content-fn-1)[^1] If you have any questions, do not hesitate to contact us at {% hint style="info" %} You can access a postman here {% endhint %} ## URL(s) | Environment | URL | | ----------- | ---------------------- | | Dev | apidev.ambro-crypto.fr | | Prod | api.ambro-crypto.fr | ## Authentification By partnering with Ambro you received an **APP\_ID**, **API\_KEY** and an **API\_SECRET**. {% hint style="danger" %} If you think your API\_SECRET or API\_KEY is corrupt contact Ambro as soon as possible to deactivate and re-generate new keys {% endhint %} You must send each request the signature of this **APP\_ID**, **API\_KEY** and **API\_SECRET** in the header as the **X-Amb-Access-Sig** key as well as the timestamp in the key **X-Amb-Access-Ts**

Sample code for creating a JS client-side signature

``` const crypto = require('crypto'); function generateSignatureHeader(appId, apiKey, apiSecret) { const timestamp = Date.now().toString(); const signature = crypto.createHmac('sha256', apiSecret) .update(apiKey + timestamp) .digest('hex'); return { "X-Amb-Access-Sig" : signature, "X-Amb-Access-Ts" : timestamp, "X-Amb-App-Id": appId } } const apiKey = 'AMBRO_API_KEY'; const apiSecret = 'AMBRO_API_SECRET'; const appId = 'AMBRO_APP_ID'; const signedRequestHeader = generateSignatureHeader(appId, apiKey, apiSecret); console.log('Header :', signedRequestHeader); ```

Sample code for creating a PHP client-side signature

``` $signature, "X-Amb-Access-Ts" => $timestamp, "X-Amb-App-Id" => $appId ]; } $apiKey = 'AMBRO_API_KEY'; $apiSecret = 'AMBRO_API_SECRET'; $appId = 'AMBRO_APP_ID'; $signedRequestHeader = generateSignatureHeader($appId, $apiKey, $apiSecret); print_r($signedRequestHeader); ?> ```

Sample code for creating a Python client-side signature

``` import time import hmac import hashlib def generate_signature_header(app_id, api_key, api_secret): timestamp = int(time.time()) signature = hmac.new(bytes(api_secret, 'utf-8'), msg=bytes(api_key + str(timestamp), 'utf-8'), digestmod=hashlib.sha256).hexdigest() return { "X-Amb-Access-Sig" : signature, "X-Amb-Access-Ts" : timestamp, "X-Amb-App-Id": app_id } api_key = 'AMBRO_API_KEY' api_secret = 'AMBRO_API_SECRET' app_id = 'AMBRO_APP_ID' signed_request_header = generate_signature_header(app_id, api_key, api_secret) print(signed_request_header) ```

Sample code for creating a Ruby client-side signature

``` require 'openssl' require 'time' def generate_signature_header(app_id, api_key, api_secret) timestamp = Time.now.to_i signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), api_secret, api_key + timestamp.to_s) { "X-Amb-Access-Sig" => signature, "X-Amb-Access-Ts" => timestamp, "X-Amb-App-Id" => app_id } end api_key = 'AMBRO_API_KEY' api_secret = 'AMBRO_API_SECRET' app_id = 'AMBRO_APP_ID' signed_request_header = generate_signature_header(app_id, api_key, api_secret) puts signed_request_header ```

{% hint style="danger" %} If you think your API\_SECRET or API\_KEY is corrupt contact Ambro as soon as possible to deactivate and re-generate new keys {% endhint %} [^1]: