EdgeCron API Docs

Authentication

HMAC-SHA256 signing rules for the EdgeCron customer-facing API.

Customer-facing requests pass through this middleware chain:

RequestID -> APIKey -> Signature -> RateLimitApp -> BillingMiddleware

Required headers

HeaderTypeDescription
X-Key-IDstringYour API key ID, for example ak_....
X-TimestampintegerUnix timestamp in seconds.
X-SignaturestringLowercase hex HMAC-SHA256 signature.
Content-Typestringapplication/json for requests with a JSON body.

Signature payload

The signing input is:

timestamp + "\n" + payload

payload is built with these rules:

  • Sort query parameters by key.
  • Use the raw body string when a body exists.
  • When both query and body exist, use sorted_query + "&" + raw_body.

Node.js example

import crypto from 'node:crypto';

function sign(secret: string, timestamp: number, payload: string) {
  return crypto
    .createHmac('sha256', secret)
    .update(`${timestamp}\n${payload}`)
    .digest('hex');
}

On this page