Most of the calls described next require authentication. All those are POST requests that must be created according to the following steps:
1. Include a unique 'nonce' argument (numeric value).
2. Include an 'method' argument set to the end point for the request.
3. Represent the (key, value) pairs present in the request as JSON. Let SIGNDATA be the result of this step.
4. Calculate the HMAC-SHA512 of SIGNDATA using your API secret.
5. Create a 'Sign' header and set its value to the hexadecimal digest resulting from the HMAC-SHA512 calculation.
6. Create a 'Key' header and set its value to your API key.
7. Send a POST request with the parameter SIGNDATA.
For all purposes the nonce must be unique within an API key. If this is not the case, or the signature doesn't match, an error will be returned.
To get started with the PHP client, here's a snippet for creating a client with existing credentials:
// import the StocksExchange Class
// include composer autoload
$key = '1234567890'; // API key sample
$secret = '1234567890'; // API secret sample
// create an StocksExchange instance with API key, API secret, URL and DEBUG
$stocks = new StocksExchange($key, $secret, 'https://app.stex.com/api2', false);
Note that the clients provided do all the steps required for signing data. The limited testing can be done through the sandbox page.