API Keys

Create and manage your keys

API Key Management

Create and manage your API keys for programmatic trading

Full trading and account management

Real-time market data streams

HMAC-SHA256 signed requests

curl "https://fintrusted.com/market/data/quotations/coin?coin=btc"

# Authenticated requests need an Authorization header with your JWT from /uc/v2/login.

curl -H "Authorization: $TOKEN" \

"https://fintrusted.com/uc/asset/spot-wallets"

GET/market/data/quotations/homeAll tickers

GET/market/data/quotations/coin?coin=btcSingle coin ticker

POST/tx/spot/addPlace spot order

POST/tx/spot/cancelCancel spot order

GET/uc/asset/spot-walletsSpot wallet balances

Restrict IP addresses

Always whitelist the IPs that will access the API. Never leave IP restrictions empty in production.

Use minimal permissions

Only enable permissions your application needs. Separate read-only and trading keys.

Never share your secret

Your API secret is shown only once at creation. Store it in a secure vault, never in source code.

Rotate keys regularly

Create new keys periodically and decommission old ones to limit the impact of a compromised key.

Monitor API activity

Review your API usage logs frequently for unexpected requests or patterns.

Use environment variables

Store API keys in environment variables or secrets managers, never hard-code them in your application.