Trouble accessing developer sandbox through the API

Support
1

Hello,

We are looking to use Fireblocks through the API and we are working in the developer sandbox environment.

We are using the REST API in C++ through the libcurl library.

When I send a request to get assets (“/v1/assets”), I am getting back the following response:

[!DOCTYPE html]
[h2 class=“cf-subheadline”>You are unable to access fireblocks.io</h2]

I am not sure what is failing and where.

  1. Is there an issue with the request?
  2. Is there an issue with the signing of the request?
  3. Is there an issue with my API key that I am using?
  4. Or something else?

Any pointers on this will be appreciated.

Best,
AJ

2

It turns out that my code had a bug where I was not hex-encoding the bodyHash in the JWT. Now that I am setting the bodyHash with a hex-encoded value, I am getting a proper JSON response back - but now, the response says this { “message”: “jwt malformed”, “code”: -1}. Trying to figure out what is wrong with the JWT now.
Best,
AJ

3

Hi AJ,

Malformed JWT refers to improper serialization of the JWT.
The JWT format is as follows:

payload = {
        "uri": path,
        "nonce": nonce,
        "iat": now,
        "exp": expiration,
        "sub": api_key,
        "bodyHash": body_hash
    }

Then signed with your Private key using the RS256 algorithm.

token = jwt.encode(
        payload,
        private_key,
        algorithm="RS256"
    )

You can also refer to examples (We do not have an example in c++ but have an c#/rust)

4

Hi Rotem,

Thanks for looking into this.

Turns out my issue was that I was using base64 encoding instead of base64url encoding. That seems to have resolved my issue. Since there were no C++ example, I just followed what was in the “Autheticate (Authenticate)” documentation (which says base64 encoding) - it might help someone else in the future if it is changed to base64url encoding.

image
image830×166 14.5 KB

Best,
AJ