(New) What is API Key? What to note when using the API to trade coin?

By F | Công Cu

What is API Key

This article will help you learn about API Key and the notes when using API Key when trading coins.

Also follow today's article.

API (Application Programming Interface) is an application programming interface.

Interface Interface here is not a "surface" for people to contact the computer, but rather the interface between software and software.

Or you can understand that intermediary windows allow software, applications, or systems to communicate with each other, taking advantage of each other's capabilities.

API Key is the key (key) to authorize software / applications to identify and work together.

Some familiar examples of APIs

Connect API Key of Facebook, Instagram to 3rd party applications to automatically post, comment.

The news page about Cryptocurrency Get the Coinmarketcap API to display market prices.

Enter the exchange's API Key into the 3rd-party application to execute trades without direct access to the exchange.

Today I will help you better understand API Key in trading coins.

How to get API Key on trading platforms?

Obtaining API Key on the trading floor is a way for you to get the API Key of your trading platform, attach (import) it to another application to perform transactions on these exchanges without having to directly access those exchanges. .

At the same time, you can take advantage of the other third-party application to trade that the exchange is not available, such as using Bot trading.

In fact, the trading volume of exchanges via API is relatively large. I was quite surprised after researching this information. You refer to the table below.

This proves a large number of users are joining the market using 3rd party applications.

You can learn more about the data of trading floors through API, you can see more here: https://www.blockchaintransparency.org/december-2018-rankings

Useful articles for you: How to Generate API Key on Exchanges

Things to keep in mind when using the API Key to Trade Coin

Most current cryptocurrency exchanges have API features. This is almost a prerequisite for the floor to be able to compete with each other.

Exchanges are constantly updating and upgrading their API Key feature, why?

Most recently I saw Kucoin also upgraded and released API 2.0. This shows that transactions through the use of API are increasingly interested in the floor.

Of course, this will be more beneficial to our traders, since the more options there are.

Here are some points to pay attention to when using the API Key that I have summarized.

How should permissions be granted on the API?

Normally when creating (Generate) API Key, the floor always gives us 3 options:

Read Info (General): Allows 3rd party applications to read account information.

For example: balance, transaction history, Buy / Sell Orders ...

Enable Trading (Trade): Allows 3rd party applications to perform transactions on floor accounts.

Example: Place Place Buy / Sell Order, cancel ...

Enable Withdrawals (Withdraw): Allows 3rd party applications to withdraw money from the floor account to another wallet address.

It is possible to divide the 3 options above into 3 different Access Levels. So which level should you choose?

The answer depends on each person's needs !!

Someone just wants to use Apps outside to read (track) information about changes in balance, transaction history on the account of the exchange. Someone wants to use the automated Bot to make transactions quickly and automatically. Others need to send / receive money in the floor account.

My need is to use a 3rd party application to read my account balance, transaction history and use the Bot to Auto Trading. So I only agreed to allow Read Info and Enable Trading rights when I started creating API Key.

Where should the API Key be stored for safety

In the cryptocurrency market, you must all know the importance of having your private keys.

Here, API Key is of similar importance. Because once the API Key is available, the bad guys have full rights to use it just like what you gave when the original Generate.

Normally after creating API Key, the floor will provide Public Key and Private Key or public key and private key.

After about 30 minutes after creating the API Key, the floor will hide the Private Key.

This is also considered a way to protect users of the floor from losing API Key.

However, storing the API Key by yourself is still necessary.

How 1: Save API Key (Public Key and Private Key) into certain .txt file or word file.

After saving your API Key to the file, you compress it with Winrar software and set a password for the archive.

In this way, you can save the compressed file in your computer hard drive, USB or throw it straight to the cloud (cloud storage services, for example: Google Drive, Dropbox, Mediafire ...). Only when you need to download and extract to use.

This is to say the most convenient way, even if you store the private key of the wallet. Because Key can be recovered anywhere, just connect to the Internet.

How to 2: No need to store API Key.

As I mentioned above, the Private Key will be hidden after about 30 minutes from initialization. The crook can also do nothing if only the Public Key. Therefore API Key is always in a secure state.

However, with this way, you can not get back the Private Key anymore. The only way to continue using it is to create a new API Key.

When should I delete API Key?

The deletion of the API Key here is meant to remove or invalidate that API Key on 3rd party applications.

That is, even with this API Key, but when you delete it on your floor account, the external application can not do anything on your account.

Whenever you discover or sense something violate from the outside via API Key, you should immediately delete the API Key.

To delete API Key, all you need to do is access the API part of your trading account and click the delete button.

What to note when using the API to Trade coins safely

Anyone who has API Key can access your broker's floor account. Therefore, it is best not to share it with anyone.

You should pay attention to licensing using API Key before officially creating (Create) API.

Only Read Info and Enable Trading levels should be allowed. Enble Withdrawals permission should not be granted when it is not needed.

If you need Withdrawals through the API, you should install additional protective layers eg Google Authenticator, Email verification, SMS verification.

API Key should only be created on high security and good support floors. Because of the practical use, you may need support.

Especially related to API Key.

This ensures you are timely support. The floors I assess with high security are listed in the next section.

API Key should only be entered into 3rd party applications when certain about their security. You should take the time to learn how they secure and store the API.

There is no absolute security, including the case of hacking. API Key is also likely to be hacked.

So, whenever you feel the API is being compromised, you should delete it immediately. Also, check for security before creating a new API.

Be more careful !!


Hope through my article today has brought a lot of useful information for you.

Do not forget to join Coin98 Research Group on Facebook and Telegram.

Hello and see you again in the next article!

Leave a Reply

Notify of