签名规则
客户端请求头:X-App-Key、X-Timestamp、X-Nonce、X-Device-Id-Hash、X-Signature。
canonical = METHOD + "\n" + PATH_WITH_QUERY + "\n" + app_key + "\n" + timestamp + "\n" + nonce + "\n" + sha256(request_body) + "\n" + device_id_hash signature = base64url(HMAC-SHA256(app_secret, canonical))
服务端响应会包含 server_signature,签名对象是返回 JSON 中移除 server_signature 后的规范 JSON。
客户端 API
示例请求
POST /api/v1/auth/activate
{
"license_key": "LG-XXXX-XXXX-XXXX-XXXX-XXXX"
}
{
"code": 0,
"message": "ok",
"data": {
"license_token": "lic_xxx",
"authorized": true,
"expires_at": "2026-07-16T12:00:00+00:00"
},
"timestamp": 1780000000,
"server_signature": "base64url_ed25519_signature"
}