Generate JS-SDK Signature

The developer should prepare a server to generate tickets to initialize the JS-SDK. The JS-SDK is used to provide many functionalities of Binance App to web applications, such as Login and Binance Pay. The workflow is as following:

Developer should apply a pair of clientId and secret from Binance.

If you already have another pair for oauth login of Binance for your website, you can just use that one. So that you can share the openid between your website and web application.

Request for the access_token with the clientId and secret from Binance Server. It will return the access_token with expiration time.
Request for ticket with access_token from Binance Server. It will return the ticket with expiration time.

Please make sure that your secret , access_token and ticket is saved on your server and cannot be accessed by others.

After the webapp is loaded on the Binance app, the developer should try to initialize the jssdk with the signature, which is calculated on the developer's server.

The fields to be signed include:

clientId
noncestr (nonce) (random string)
Valid JS-SDK ticket
timestamp(ts)
url (URL of the current web page, excluding # and the part after it).

All parameters to be signed are sorted by ASCII code (dictionary order) from smallest to largest, and stitched into string1 using URL key-value pairs (i.e. key1=value1&key2=value2...). The string1 is encrypted with sha1, and the field name and field value are used as original values without URL escaping.

That is,

signature=sha1(clientId=xxx&nonce=xxx&ticket=xxx&timestamp=xxx&url=xxx).

For example:

sha1(‘clientId=00000000&nonce=Wm3WZYTPz0wzccnW&ticket=61edc6c8ebce4580a61b7f228ec52cde&timestamp=1596103999704&url=http://developer.binance.com?params=value’)

Get access_token

POST https://accounts.binance.com/oauth/token

Parameters:

Name	Type	Mandatory	Description
grant_type	string	yes	always be "client_credentials"
client_secret	string	yes
client_id	string	yes

Response:

{
    "access_token": [token string],
    "token_type": "bearer",
    "expires_in": [expiration time number in seconds],
    "scope": "js:ticket"
}

Get JS-SDK ticket

POST https://accounts.binance.com/oauth-api/v1/js/get-ticket

Parameters:

Name	Type	Mandatory	Description
access_token	string	yes

Response

{
    "code": "000000",
    "message": null,
    "data": {
        "ticket": [ticket string],
        "expiresIn": [expiration time number in seconds]
    },
    "success": true
}

Related API​

Get access_token​

Get JS-SDK ticket​

Related API

Get access_token

Get JS-SDK ticket