Submit First API Call
This is the fastest way to confirm your zerohash integration is wired up correctly. GET /time returns the server's current Unix timestamp and requires no authentication. It's the canonical health check before you start signing requests.
Prerequisites
- A zerohash Cert or Prod platform. See Get Platform Access
curl(or any HTTP client).
Endpoints
| Environment | Base URL |
|---|---|
| Cert | https://api.cert.zerohash.com |
| Prod | https://api.zerohash.com |
Submit Request
Execute a Get server time request
//GET https://api.cert.zerohash.com/time
curl --request GET \
--url https://api.cert.zerohash.com/time \
--header 'accept: application/json'Expected response
{
"message": {
"epoch": 1715459200000,
"epoch_units": "milliseconds",
"iso_8601": "2024-05-11T20:26:40.000Z"
}
}If you got a 200 with a timestamp roughly equal to the current time, you're hitting zerohash successfully and TLS is good.
Next: authenticated calls
GET /time is the only endpoint that doesn't require authentication. Every other endpoint needs four headers — X-SCX-API-KEY, X-SCX-SIGNED, X-SCX-TIMESTAMP, and X-SCX-PASSPHRASE that are derived from your API key, passphrase, secret, and the request payload using HMAC-SHA256.
See API Authentication for the full signing recipe.
Troubleshooting
- 401 Unauthorized on
/time-/timeis unauthenticated; a 401 means the base URL is wrong or your platform isn't provisioned. Double-check the environment table above. - Connection refused / DNS error - confirm outbound HTTPS to
*.zerohash.comisn't blocked by a corporate proxy. - TLS errors in corporate networks - your machine may need an internal CA bundle (e.g. Netskope, Zscaler). Set
REQUESTS_CA_BUNDLEor your client's equivalent.
Updated about 10 hours ago