Open API Protocol

1.Request Instructions

• Interface is case sensitive
• The request of the interface needs to generate the correct sign before it can be successfully called
• QPM frequency limit is 10, more than 10 requests in a minute will return "request too frequent", you need to wait for the next minute to request again

2.Common Request Parameters

• Header

• Body

• Request Example

{
    "client_id": "xxx",
    "timestamp": 1608776690,
     "sign": "05d481dc241a7a1daa5b2a7fa2b51dc5",
    "...": "..."
}

3.Sign Generation Logic

• Pass client_id, timestamp, sign in the request parameters to pass the authentication, and the token is generated by client_secret, timestamp according to the encryption rules.
• Encryption rule md5(client_secret + timestamp).
• The default validity period of timestamp is 30s. If it exceeds 30s, an interface timeout will be reported.
• The client_id and client_secret mentioned above need to be applied to the XMP account manager.

4.Sign Generation Sample Code

//java Sample

import org.apache.commons.codec.digest.DigestUtils;

public static String getSign(String clientSecret) {
	long timestamp = System.currentTimeMillis()/1000;
	String oriSign = clientSecret + timestamp;
	String sign = DigestUtils.md5Hex(oriSign);
	return sign;
}



//python Sample

import hashlib
import time

def get_sign(clientSecret):  
	timestamp = int(time.time())
	oriSign = clientSecret+str(timestamp)    
	encodeSign = str(oriSign).encode()  
	sign = hashlib.md5(encodeSign)
	return sign.hexdigest()


	
//php Sample

function getSign($clientSecret)
{
	$timestamp = time();
	$oriSign = $clientSecret . $timestamp;
	$sign = md5($oriSign);
	return $sign;
}



//go Sample

import (
	"time"
	"strconv"
	"app/util/encrypt"
)

func getSign(clientSecret string) string {
	timestamp := time.Now().Unix()
	sign := encrypt.Md5(fmt.Sprintf("%s%s", clientSecret, strconv.FormatInt(timestamp, 10)))
	return sign
}

5.Status Description