Application Programming Interface (API) keys can be generated on your Kraken account to allow external applications permission to perform actions on your account such as trades, access account funding or track the data on your Kraken account.
Important Note: The Kraken Pro mobile app and Cryptowatch do not currently support API key 2FA, hence it is necessary to keep 2FA disabled for any API keys that will be used with Kraken Pro or Cryptowatch. Third party services may or may not support API key 2FA, so it is best to confirm with the service directly whether API key 2FA can be enabled or not. Attempting to use API key 2FA with an app or service that does not support 2FA would cause an EAPI:Invalid signature error (or a custom third party error about an authentication failure).
This article assumes that you are aware of the security risks involved in generating API keys for your account.
Two-factor authentication (2FA) is one way of reducing the risks of API keys.
How to set up 2FA for an API key
- Sign in to your Kraken account.
- Click on your name in the upper-right corner of the page.
- Click on Security, then 2FA Settings.
- Scroll down to the API Keys section and toggle the on/off button for the API key that you would like to add a 2FA for:
- Select your 2FA option (2FA App or Password).
- For 2FA App, open the authenticator app on your device and either scan the QR code provided or manually enter the key by selecting View setup Key. Then, enter the numeric code that appears in the authenticator app and select Confirm.
- If using the Password option (least secure), follow the instructions to set up a password and select Confirm.
- Select the actions that Two-factor Authentication will be required for. Then, click Confirm to continue.
Note that the function selections are not currently enabled, so the 2FA code will be required for all API calls using this API key.
- Congratulations, that's it! You have successfully set up 2FA for API key you selected and you will see that it is now enabled.