# Signature Generation

The HMAC signature is generated using the following process:

#### 1. Canonical JSON Serialization

The request body is canonicalized to ensure consistent signatures regardless of JSON key ordering:

* Object keys are sorted alphabetically
* No whitespace between elements
* Consistent string escaping
* Handles nested objects and arrays recursively

**Example:**

```json
// Original JSON (key order may vary)
{"name": "John", "age": 30, "city": "New York"}

// Canonical JSON (always same output)
{"age":30,"city":"New York","name":"John"}
```

#### 2. HMAC-SHA256 Calculation

```
signature = HMAC-SHA256(canonical_body, client_secret)
```

Where:

* `canonical_body` is the canonicalized JSON string. **For GET or requests with no body**, use the string `"{}"` (canonical empty object), not the literal empty string `""`. The API and SDK sign GET requests with `"{}"`.
* `client_secret` is your API client secret
* Output is hexadecimal string


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.orda.network/api-reference/api-reference/authentication/signature-generation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.