'/%3e%3cdefs%3e%3cpattern%20id='pattern0_2104_4598'%20patternContentUnits='objectBoundingBox'%20width='1'%20height='1'%3e%3cuse%20xlink:href='%23image0_2104_4598'%20transform='matrix(0.00376176%200%200%200.0172414%20-0.00219436%200)'/%3e%3c/pattern%3e%3cimage%20id='image0_2104_4598'%20width='267'%20height='58'%20preserveAspectRatio='none'%20xlink:href='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAQsAAAA6CAMAAACQ2ozcAAAAM1BMVEVMaXH////////////////////////////////////////////////////////////////x7/yuAAAAEHRSTlMAoDDgEPBgwIBAINCwkHBQDIOTDwAAAAlwSFlzAAFxGAABcRgB7MGwCAAABm1JREFUaIHlW+uWsyoMLSIIeH3/pz0CKrmgQuusdn0nf2YaMW42kISgr1cQK+SySj+61/9cmm45RLTfRvNV0WoBIptv4/mi6AWLuiVDd0lKmLPGGPsA0nelGG8TZoXU69poTPi/v1smBjB338dZxvk218B/VIrxBl8hth9t73+Zp2x7SdNuLMX+tJTitZCKjQx1MzFquLBVc+hvpBSv8NMX/Hb+Bv2MbS8DaNsVYn9aSvFK2nWB5slHtr0sUL4Ur0vx+usowdL3A1jBhUVcfGmR1HCBFPbvuWhskvuefC4/wkWbWyMgzV2ub39GarhA+cf0KBevHrTdffSvcuGxonzCA73JBGq4gFnt7qN/lYtxwflEWOA3KWJVriWOpkd0+lUuQj6Rsu6QkcuL9jW2o4xbyzTZfpWLOG79FlatgnP5Y9tRnFn3RAYE7p/loo1bJ6GtnSLIYbuwRrz8rq6SCyY/y8W2UU0SFkw7xQCghszN/y4Xr0ZCKjpPxQz46Vjdj9pupiHUBsxclmRXcOG0CKZHfVV9dHqM1QmRrZNU4IVN15kwQ98fNHSlYNsaUsmmEUw899gNuQCck2ur17KwZXcypM6gsVSCtSN4YcozzLmWqtvbNCPRUDKgbU07RiC/z8XgmOnMtHNiYUJZu8Tbg8YW3B6HOK6PwRPQRo1sT21nBGVq73OxKNaElx8n3iiAR4CL8YbOHlH0YHnXtAL2osg2Gr8PuMgIIaPNTIooqIJdijfkyFO6b6u9gBTDo1M1PKOK6bNcYCBtf9Gwqcc7LHgr1qqFaHil69Y2KAY9zMWe/Ny3BWSU4vVdZ3UtvCHxGuQD7m2nmfY0FyBBGK8bJidXitf/gxbA7DVQwStdBbbVng48zsUxMexdy7EWr/8H9dw/QjJNLRfHKnmci2Pk5G1LW4nX/2U9x5p5eYOLvYj6PBfb+qXHfacWy/H6P6yuhavBfl1Cl0VtK7MaaGcS30wZF6ny2WS4kD71ttjyZgXHEDk5j4Ew2dTh9SbREYCEqA/NBBXY9pHX4E2eLOPiRQT1RsDAv0sc7QZhOHowIwxjHd4wDcDEmCJ1jmjQREG2werBxt3HXKRIwE+cEAYwmMijygze/hxvrq6FNJp0mNp2Zxf0x1ykWD8zLmA7lIChqe+u8U4Eb2goLbjYSaCJdnDqC20jR4JOAMzHXADYjAs4pCj5QYvH3uCFVjy66IR6Y8zoSfDlPr1rhEKdyHCB64GwJ8PHXAA144L3eBcYaw3DixwfW3skqw+GcUpHj1fP60TwSveXXKDRP7fAubjBi2bKwnrAT5p/gAsEEFuA41jNBQ60YZEip8Lq4r/NBexOLRfbvX0XfGZY5i5uVjcNOzs6tz0S23/GhYNctKcWKrmI4Sq+2BlebpRm9FSY8IRYcVTndS3si6DrEX/JBfKdeKjgitcMLw4DxNf7oVcHW/viSLt/kfqV46KHF9BofR5Tr7iA0QKhg6lIJqZe4Q3hExAroJEgIe6c17XgpEOeZy7ighatS7mA0RDlTyiJr8Obr2sJqjmva4H1g7eObREXNEiVcoGeBWqKuXy7FG9kBEhwfyjPZG9wkQOVfJlgS/Bu9+wbyy5z7YoLNL2XfgNMisFTBd6+qH5xW9fqjbV6JLUVfc4FzuS6yVoz3Lyzw7jAi2SlfrWiBTkhaOvwZrnomaa6lrNPxRwX2ft1JRe3Jb40mUvxkmc+Vtcy0NyFjgIv5oJOjEz39nVXitf/Rb6c+4txufQXWTkqpjkuXrnDLlnLhcsfmSU5Up9SvP7ZvK7F4shFXSsrB5lZLrLHXbzGd80FziS4pN15Kd6QXIGJYUhftolyXtfKSgrBWS5c7p6plguyayJyFmcv8IZRT1nmHnKJ5jzvzAoormS5yFoYqrm4AgI//LjFu3cvkKvioLQp2qlIlQseSuEXQYDt7JqFiVmei+wqqeeCfBIFewcT5XK80R+rwZgNx/F60qEhm3Zgu+HHuxK54hMucmTYei5e7B2NCD37hknAy9tDvPS0WjDNef1iTUQMploZvKc942L/3Aj0sXmDi9UOGw0KoQovzAPD2miRhr35mr7fCo3BO0K9pq/ONOBbL03NpIfIcXNQI2gP2gIteym5gSmkGvgbmRd4J/aqj93zFiUc1VCSc+K0WWWytd+HtHZ678YTQ2Yu+4jSzVePbcNVe6n51+U/wZKesx3N5aEAAAAASUVORK5CYII='/%3e%3c/defs%3e%3c/svg%3e)
Postman Collection
Get started quickly with our pre-built Postman collection containing all Bitnob API endpoints, complete with authentication, environment variables, and automated testing.
Bitnob API Collection
Complete Postman collection with all Bitnob API endpoints
v1.0.0Collection File
Complete API collection with all endpoints, examples, and tests
Environment File
Pre-configured environment variables for sandbox and production
Setup Instructions
Download Collection
Download the Postman collection file containing all API endpoints
Import to Postman
Open Postman → Import → Select the downloaded JSON file
Set Environment
Download and import the environment file with pre-configured variables
Configure API Key
Set your API key in the environment variables
Environment Variables
base_url - API base URL (sandbox or production)
client_id - Workspace client ID from the dashboard
client_secret - Workspace client secret (HMAC-SHA256 signing key)
What's Included
All API endpoints with request examples
Pre-request scripts for authentication
Response validation tests
Environment variables for easy switching
Comprehensive error handling examples
WebHook testing utilitie
What's Included
Our Postman collection provides everything you need to test and integrate with the Bitnob API:
Complete Endpoint Coverage
Identity: GET /api/whoami — sanity-check your credentials in one call
Balances: Per-currency balances across your workspace
Addresses: Generate and manage deposit addresses for supported chains
Transactions: Paginated transaction history with filters
Withdrawals: On-chain and off-chain withdrawal flows
Exchange rates: Real-time quotes for supported pairs
Trading: Market, scheduled, and target orders (DCA + take-profit)
Bulk transfers: CSV/XLSX batch payouts with scheduled recurrence
Payouts: Single and batch payouts to bank accounts and wallets
Cards: Virtual card issuing, funding, freeze/unfreeze, spend limits, and termination
Lightning: Invoices, payments, and node operations
Customers: KYC onboarding and customer lifecycle management
Beneficiaries: Saved payout recipients
Pre-configured Features
Authentication: Collection-level pre-request script auto-generates a fresh timestamp + nonce, canonicalises the JSON body, computes HmacSHA256(client_id:timestamp:nonce:body, client_secret), and injects the X-Auth-Client, X-Auth-Timestamp, X-Auth-Nonce, and X-Auth-Signature headers — you never touch headers manually
Environment Variables: One base_url for every environment (https://api.bitnob.com) — sandbox vs production is determined by which client_id / client_secret pair you paste in, not by URL
Path parameters: quote_id and upload_id are pre-declared so chained flows (quote → execute, upload → preview → confirm) work by pasting the id from an earlier response
RFC 7807 errors: Failed responses include type, title, status, detail, correlation_id, and timestamp so you can triage directly from the Postman console
Quick Start Guide
Step 1: Download Files
Click "Download Collection" to get the main API collection
Click "Download Environment" to get pre-configured variables
Step 2: Import to Postman
Open Postman application
Click the "Import" button in the top-left
Drag and drop both downloaded JSON files
Select "Import" to confirm
Step 3: Set Up Environment
Click the environment dropdown (top-right in Postman)
Select "Bitnob API Environment"
Click the eye icon to edit environment variables
Paste your client_id and client_secret from the Bitnob dashboard — the pre-request script uses them to sign every request
Step 4: Test Your First Request
Navigate to "Identity" → "Who am I" (GET /api/whoami)
Click "Send" — the pre-request script automatically signs the call with your credentials
You should receive a 200 OK response echoing back your workspace identity — if you get a 401, your client_id/client_secret are wrong or swapped
Environment Configuration
The environment file includes these important variables:
variable | description | default value |
|---|---|---|
base_url | API base URL used by every request in the collection — same host for sandbox and production (environment is determined by which credentials you use, not by URL) | https://api.bitnob.com |
client_id | Workspace client ID — the pre-request script injects this as the X-Auth-Client header | (empty — paste from dashboard) |
client_secret | Workspace client secret — the pre-request script uses it to compute HMAC-SHA256 for X-Auth-Signature (stored as secret, masked in the UI) | (empty — paste from dashboard) |
quote_id | Path parameter for Trading quote endpoints — paste the id from a Get Quote response when you want to reuse it | (empty — set manually after creating a quote) |
upload_id | Path parameter for bulk-transfer upload endpoints — paste the id returned from the presigned URL flow | (empty — set manually after requesting an upload URL) |
Security Notice: client_secret is a credential — never commit it to version control. Keep your sandbox and production pairs in separate Postman environments so you can't accidentally hit production with a sandbox key (or vice versa).
WebHook Testing
Special collection items for WebHook development
Signature verification examples
Payload validation tests
Event type handling
Retry mechanism simulation
Troubleshooting Common Issues
Unauthorized Errors
Confirm client_id and client_secret are set in the active environment and haven't been swapped
Make sure base_url matches the environment your credentials were issued for (sandbox vs production)
Open the Postman Console (View → Show Postman Console) and inspect the X-Auth-* headers — a missing X-Auth-Signature means the pre-request script didn't run
If you recently rotated credentials in the dashboard, re-paste both values — the old pair becomes invalid immediately
Connection Timeouts
Check your internet connection
Verify the base URL is correct for your environment
Contact support if sandbox/production endpoints are down
Missing Environment Variables
Re-import the environment file
Manually add missing variables using the format shown above
Use pre-request script logs to identify missing variables
Getting Help
If you encounter issues:
Check the Console tab in Postman for detailed error logs
Review our API documentation for endpoint details
Visit our support center for additional help
Join our developer community for peer support
Next Steps: Grab the OpenAPI specification for code generation, or dive into specific endpoint documentation in the API Reference section.
