Using no-code tools like N8N is great for automation, but when you need to connect with government services, financial platforms like Binance, or cloud providers like Cloudinary, things get tricky. Some of APIs require SHA-256 signatures to secure requests, which means you need to generate a unique signature for every request. This process might sound complicated, but it’s actually straightforward when broken down. 🤔 Why Use Signatures Instead of Just an API Key? Some services don’t accept just an API key for security reasons. Instead, they require a hashed signature to: ✅ Prevent tampering & replay attacks ✅ Ensure data integrity—the server verifies the signature before processing ✅ Use a secret key to sign specific request parameters ⚙️ How the Authentication Process Works in N8N Here’s the basic setup to integrate APIs that require SHA-256 authentication: 1️⃣ Set all required variables in a Set node (API key, timestamp, request parameters). ⚠️ Use Fixed Timestamp → Ensures signature matches request 2️⃣ Generate the signature using a Crypto node (method varies by service). 3️⃣ Send the request using an HTTP Request node, including the signature and required parameters. 📌 API-Specific Logic 🌩️ Cloudinary (SHA-256 Hash - Hex) 🔹 Signature logic: • Uses SHA-256 hashing (not HMAC) • Concatenates parameters + secret → Hashes them in Hex • The secret is appended at the end instead of being used as a key 📈 Binance (HMAC SHA-256 - Hex) 🔹 Signature logic: • Uses HMAC SHA-256 with secret key as the key • Takes request parameters → HMAC Hash → Converts to Hex • Requires a recvWindow (e.g., 5000ms) to prevent expired requests 💰 OKX (HMAC SHA-256 - Base64) 🔹 Signature logic: • Uses HMAC SHA-256 but encodes in Base64 • String format: timestamp + method + path + body • Secret key is used as an HMAC key 💾 Templates for all services attached below! Try it out and let me know if you have questions! 🚀