For write operations (like placing orders), you need to sign your request with HMAC-SHA256. The signing payload format is {timestamp}.{METHOD}.{path}.{bodyHash}:
# Set your credentialsPUBLIC_KEY="pk_live_abcdef123456"SECRET_KEY="sk_live_secret789xyz"TIMESTAMP=$(date +%s)METHOD="POST"URL_PATH="/v1/pm/events/evt_123/markets/mkt_456/orders"BODY='{"side":"BUY","outcome":"YES","amount":100,"currency":"USD"}'# Compute body hash and create signatureBODY_HASH=$(printf '%s' "$BODY" | openssl dgst -sha256 -hex 2>/dev/null | sed 's/.*= //')PAYLOAD="${TIMESTAMP}.${METHOD}.${URL_PATH}.${BODY_HASH}"SIGNATURE=$(printf '%s' "$PAYLOAD" | openssl dgst -sha256 -hmac "$SECRET_KEY" -binary | base64)# Make the requestcurl -X POST "https://relay.bayse.markets${URL_PATH}" \ -H "X-Public-Key: ${PUBLIC_KEY}" \ -H "X-Timestamp: ${TIMESTAMP}" \ -H "X-Signature: ${SIGNATURE}" \ -H "Content-Type: application/json" \ -d "$BODY"
import crypto from 'crypto';const PUBLIC_KEY = 'pk_live_abcdef123456';const SECRET_KEY = 'sk_live_secret789xyz';const timestamp = Math.floor(Date.now() / 1000);const method = 'POST';const path = '/v1/pm/events/evt_123/markets/mkt_456/orders';const body = JSON.stringify({ side: 'BUY', outcome: 'YES', amount: 100, currency: 'USD' });// Compute body hash (SHA-256 hex digest)const bodyHash = crypto.createHash('sha256').update(body).digest('hex');// Create HMAC signature of the full payloadconst payload = `${timestamp}.${method}.${path}.${bodyHash}`;const signature = crypto .createHmac('sha256', SECRET_KEY) .update(payload) .digest('base64');// Make the requestconst response = await fetch(`https://relay.bayse.markets${path}`, { method, headers: { 'X-Public-Key': PUBLIC_KEY, 'X-Timestamp': timestamp.toString(), 'X-Signature': signature, 'Content-Type': 'application/json', }, body,});