Creating your API keys

All you need to know about creating your API keys

Creating your API keys

To create your API key, please follow these steps:

  1. Sign in to your Kuna account;
  2. Open Settings and navigate to API keys tab;
  3. Name your API key, e.g. "View only" ;
  4. Select the types of permissions assigned to the API key;
  5. You may add a list of IP addresses, which are allowed to use the API key.
    You can do that after the key creation, as well;
  6. Click Create an API key button to complete.

We provide three keys when you generate a new API key:

drawing drawing

We recommend creating different API keys for trading and withdrawal operations.

⚠️

Never share your API key and secret key with anyone!

The reasoning behind two authorization options

"Why 3 keys for one API key instance?", you might ask.

We view those by the tasks at hand you may have, whether it is rapid exploration/testing or building a production-ready system:

  1. The single API key allows you to quickly test new features and endpoints, both manually and during development.
    Simple authorization using request headers, less effort to implement.

  2. The public and secret key pair is a more secure way of operating your production environment.
    It requires each transaction to be signed with the help of a private key.
    Thus, harder to test manually and needs more efforts to be implemented during development.

Of course, it is up to you to decide which option suits your current needs better.
In the Authorizing requests section we describe how to authenticate using both methods.

Setting the right permissions

You may grant certain or all permissions to your API keys.
Below you may find more information regarding each permission and endpoints that work with each.
The more permissions a key has, the more operations it can be used for.

⚠️

It is a good practice to split permissions between various API keys.

This improves security and redundancy of your operations.

Endpoints that work with Only reading permissions:

EndpointsDescription
/v4/private/meView your account info
/v4/private/getBalanceView your wallet balances
/v4/order/private/activeView your active orders
/v4/order/private/detailsView details of a single order
/v4/order/private/historyView your order history
/v4/trade/private/historyView your trades history
/v4/deposit/private/fiat/detailsView details of a single deposit
/v4/deposit/private/fiat/paymentMethodsView available payment methods

Endpoints that work with You can trade permission include all for Only reading plus the following:

EndpointsDescription
/v4/order/private/createCreate a new order
/v4/order/private/cancelCancel a single order
/v4/order/private/cancel/multiCancel multiple orders

Endpoints that work with You can withdraw funds permission include all for Only reading plus the following:

EndpointsDescription
/v4/deposit/private/fiat/createCreate a new deposit

Whitelisting IP addresses

To further improve the security of your account, we recommend whitelisting IPs of your servers, so that your keys may only be used by trusted machines.
In case such API key is attempted to be used by a machine with a non-whitelisted IP will not be executed by the service.

  1. To whitelist IPs for an existing API key, please open the API keys tab, find the API key in question and click Whitelisted IPs ✏ button next to it.
    Alt text
  2. To whitelist IPs when creating a new API key, please click Create ✏ button for the IP whitelist field.
    Alt text

The modal is the same and receives inputs of IP addresses, separated by comma if several.
Click Save list once completed:

Alt text