Request Headers

The Render Compute API requires a set of request headers in order to ensure the integrity of requests between clients and the API. You can learn more about the Render Compute API request headers in the API Overview.

{
  "headers": {
    "X-Time": "timestamp", // UTC timestamp in milliseconds
    "X-Nonce": "nonce", // 32-character hexadecimal string
    "X-Signature": "signature" // sha256 HMAC signature
  }
}

X-Signature Parameters

The HMAC signature must be derived from a string composed of the canonical parameters of the request, in order, delimited by a pipe | character.

Example:

// Node.js

import crypto from 'crypto';

function generateCanonicalString({
  body, // a byte representation of the request body
  method, // the HTTP request method in uppercase, e.g. 'GET'
  nonce, // a 32-character hexadecimal string, this must be the same as your X-Nonce header
  path, // the HTTP request path, e.g. '/v1/jobs'
  publicKey, // your API key public_key or JWT hmac_key claim
  query, // the URL query string with no leading '?', e.g. 'status=COMPLETED'
  timestamp, // the UTC timestamp in milliseconds, this must be the same as your X-Time header
}): string {
  // Join all components of the canonical string with a pipe `|` character.
  const canonicalString = [
    publicKey,
    timestamp,
    nonce,
    method,
    path,
    query,
    body: crypto.createHash('sha256').update(body).digest('hex'),
  ].join('|');

  return canonicalString;
}

function generateHmacSignature({
  canonicalString, // the canonical string as noted above
  secretKey, // your API key secret_key or JWT hmac_key claim
}): string {
  const hmac = crypto.createHmac('sha256', secretKey);
  hmac.update(canonicalString);

  const hmacHex = hmac.digest('hex');

  return hmacHex;
}

X-Signature Parameters​

Example:​

X-Signature Parameters

Example: