API Key Management

Create and manage your API keys for programmatic trading

API Docs

REST API

Full trading and account management

WebSocket API

Real-time market data streams

Authentication

HMAC-SHA256 signed requests

Quick Start

curl "https://fintrusted.com/market/data/quotations/coin?coin=btc"

# Authenticated requests need an Authorization header with your JWT from /uc/v2/login.

curl -H "Authorization: $TOKEN" \

"https://fintrusted.com/uc/asset/spot-wallets"

API Endpoints

GET/market/data/quotations/homeAll tickers

GET/market/data/quotations/coin?coin=btcSingle coin ticker

POST/tx/spot/addPlace spot order

POST/tx/spot/cancelCancel spot order

GET/uc/asset/spot-walletsSpot wallet balances

API Key Management

Security Best Practices

Restrict IP addresses

Always whitelist the IPs that will access the API. Never leave IP restrictions empty in production.

Use minimal permissions

Only enable permissions your application needs. Separate read-only and trading keys.

Never share your secret

Your API secret is shown only once at creation. Store it in a secure vault, never in source code.

Rotate keys regularly

Create new keys periodically and decommission old ones to limit the impact of a compromised key.

Monitor API activity

Review your API usage logs frequently for unexpected requests or patterns.

Use environment variables

Store API keys in environment variables or secrets managers, never hard-code them in your application.

API Key Management

Create and manage your API keys for programmatic trading

API Docs

REST API

Full trading and account management

WebSocket API

Real-time market data streams

Authentication

HMAC-SHA256 signed requests

Quick Start

curl "https://fintrusted.com/market/data/quotations/coin?coin=btc"

# Authenticated requests need an Authorization header with your JWT from /uc/v2/login.

curl -H "Authorization: $TOKEN" \

"https://fintrusted.com/uc/asset/spot-wallets"

API Endpoints

GET/market/data/quotations/homeAll tickers

GET/market/data/quotations/coin?coin=btcSingle coin ticker

POST/tx/spot/addPlace spot order

POST/tx/spot/cancelCancel spot order

GET/uc/asset/spot-walletsSpot wallet balances

API Key Management

Security Best Practices

Restrict IP addresses

Always whitelist the IPs that will access the API. Never leave IP restrictions empty in production.

Use minimal permissions

Only enable permissions your application needs. Separate read-only and trading keys.

Never share your secret

Your API secret is shown only once at creation. Store it in a secure vault, never in source code.

Rotate keys regularly

Create new keys periodically and decommission old ones to limit the impact of a compromised key.

Monitor API activity

Review your API usage logs frequently for unexpected requests or patterns.

Use environment variables

Store API keys in environment variables or secrets managers, never hard-code them in your application.