API Security - What account information does the API expose?
One of the most popular uses for our API is to allow a third party service (such as a trading bot or a crypto portfolio manager) to access an account and make trades. With this type of third party account access, API key security is paramount, hence our API takes specific precautions to prevent any sensitive account data from being divulged.
In short, our API provides access to all of the information that is needed to manage the account and make trades, but does not expose any information that could be used to identify an account or the account owner.
The following are some specific details of the information that is available via our API and the information that is restricted:

Available Information

Depending upon the API key permissions that are enabled, some or all of the following information might be available via the API:
  • Account balance and margin status
  • Current orders, positions and trades
  • Historical orders, positions and trades
  • Deposit/Withdrawal transactions (only limited information)
  • Account history (previous transactions, balance histories, etc.)

Restricted Information

Regardless of the API key permissions, the following information is never available via the API:
  • Username/password
  • Two factor authentication
  • Account owner's name
  • Contact information (address, email, phone, etc.)
  • Verification documents (ID, proof of address, etc.)
Please feel free to contact our API support team if you have any questions regarding API security, and don't hesitate to contact our Account Security team if you need assistance with your account's security settings.