API

Our Authenticated API allows you limited use/access of your Tether account on the platform. The Authenticated API allows you to retrieve certain account data. To do this, a Tether Account and a set of corresponding API keys are required.

To create an API key, log in to your account and navigate to the API key management page. On this page, you can create new keys and revoke existing ones. To create a key, press the “Create Key” button and select the desired permissions.

Authenticated Requests

Authenticated calls should use the domain:
https://app.tether.to

Authentication is achieved through the signing of the request details with the users api secret and then passing the api key and base 64 encoded signature in the header along with the request to be verified.

Below is an example in Ruby for interacting with the authenticated endpoints. The following assumptions are made:

  • You are using your API key and API Secret key
  • Your “signature” variable follow the same format that is listed below
require 'time'
require 'httparty'

@base_uri = 'https://app.tether.to/api/v1'
@api_key = 'YOUR-KEY'
@api_secret = 'YOUR-SECRET'


def b64_encode(string)
  Base64.strict_encode64(string)
end

def md5_base64digest(string)
  Digest::MD5.base64digest(string)
end

def hmac_signature(canonical_string)
  digest = OpenSSL::Digest.new('sha1')
  b64_encode(OpenSSL::HMAC.digest(digest, @api_secret, canonical_string))
end

def do_request(verb, uri, options={})
  path = @base_uri + uri

  if [:get, :delete].include? verb
    request_options = {}
    path = "#{@base_uri}#{uri}?#{URI.encode_www_form(options)}" unless options.empty?
    content_md5 = md5_base64digest('')
  else
    body = options.to_json
    request_options = { body: body }
    content_md5 = md5_base64digest(body)
  end

  # Generate valid headers and signature
  headers = {
      'Content-MD5' => content_md5,
      'Date' => Time.now.utc.httpdate,
      'Content-Type' => 'application/json',
  }
  canonical_string = [ verb.upcase,
                       headers['Content-Type'],
                       headers['Content-MD5'],
                       URI(@base_uri + uri).path,
                       headers['Date']
  ].join(',')

  signature = hmac_signature(canonical_string)
  headers['Authorization'] = "APIAuth #{@api_key}:#{signature}"
  request_options[:headers] = headers

  # forward to HTTParty
  response = HTTParty.send(verb, path, request_options)
  parsed_response = JSON.parse(response.body)
  parsed_response
end

def get(path, options={})
  do_request :get, path, options
end

## Define the functions to perform the authenticated calls

# returns current account balances
def balances
  get '/balances.json'
end

# returns list of most recent transactions
def transactions
  get '/transactions.json'
end

# returns details of a specific transaction
def get_transaction(id)
  get "/transactions/#{id}.json"
end