The subscribe and unsubscribe requests to WebSocket private feeds require a signed challengemessage with the user api_secret.
The challenge is obtained as is shown in Section WebSocket API Public (using the api_key).
Authenticated requests must include both the original challenge message (original_challenge) and the signed (signed_challenge) in JSON format.
The challenge is a UUID string.
The steps to sign the challenge are the same as the steps to generate an authenticated REST requestexcept for step 1 which now is just the challenge string:
The result of the step 4 is the signed challenge which will be included in the subscribe request.
The table below shows the expected output from example inputs: