Application Programming Interface (API) keys can be generated on your Kraken account to allow external applications permission to perform actions on your account such as trades, access account funding, or track the data on your Kraken account.
This article assumes that you are aware of the security risks involved in generating API keys for your account.
Two-factor Authentication (2FA) is one way of reducing the risks of API keys.
How to set up 2FA for an API key
1. Sign in to your Kraken account
2. Click on the "Security" tab. Scroll down and click the "On/Off" dial under “API keys”.
3. Click on the "SET IT UP"-button for your chosen Two-factor Authentication (2FA) method and follow the instructions below accordingly.
Method: Authenticator App (most secure)
1. Select the functions that Two-factor Authentication will be required for. Then, click "Next" to continue. Only advanced users should change the settings by clicking "Change this setting".
Note that the function selections are not currently enabled, so the 2FA code will be required for all API calls using this API key.
2. Open the Authenticator app on your device and either scan the QR code provided, or manually enter the provided “Authenticator Secret Code”. Then, enter the numeric code that appears in the Authenticator app, and click “Save”.
3. Congratulations, that's it! You have successfully set up 2FA using an Authenticator app for that API key.
Method: Static Password (least secure!)
1. Select the functions that Two-factor Authentication will be required for. Enter a custom password in accordance with the "Password Rules" into the "Password" and "Confirm Password" fields and click "Save".
Note that the function selections are not currently enabled, so the 2FA password will be required for all API calls using this API key.
2. Congratulations, that's it! You have successfully set up 2FA using a Static Password for that API key.