OpenApi Basic Information
API Basic Information
baseurl
https://openapi.exchange1.com
All endpoints return either a JSON object or array.
Data is returned in Reverse order. newest first, oldest last.
All time and timestamp related fields are in milliseconds.
HTTP Error Codes
HTTP
4XX
return codes are used for malformed requests; the issue is on the sender's side.HTTP 410 return code is used when breaking a request rate limit.
HTTP 418 means that if you continue to access after receiving 429, you will be blocked from IP, and the blocking time will be gradually extended from a minimum of 2 minutes to a maximum of 3 days for frequent violations of the restrictions.
HTTP
5XX
return codes are used for internal errorsHTTP
504
return code is used when the API successfully sent the message but not get a response within the timeout period. It is important to NOT treat this as a failure operation; the execution status is UNKNOWN and could have been a success.All endpoints can possibly return an ERROR, the error payload is as follows:
General Information
All requests are based on the Https protocol, and the
Content-Type
in the request header information needs to be uniformly set to:'application/json'
For the interface of the
GET
method, the parameters must be sent in thequery string
The interface of the
POST
method, the parameters must be sent in therequest body
Parameters may be sent in any order.
LIMITS
Access restrictions are based on IP or UID, not API Key.
The statistics by IP and by UID (account) are independent of each other.
The total weight of single interface weight according to IP statistics is 12,000 per minute
The total amount of interface weights by UID is 60,000 per minute
Each interface will indicate whether the statistics are by IP or by UID, and the weight value of the corresponding request once
There will be a limited frequency description below each interface.
A 429 will be returned when either rate limit is violated.
A 429 will be returned when either rate limit is violated.
Endpoint Security Type
Each endpoint has a security type that determines the how you will interact with it.
API-keys are passed into the Rest API via the
X-CH-APIKEY
header.API-keys and secret-keys are case sensitive.
NONE
Endpoint can be accessed freely.
TRADE
Endpoint requires sending a valid API-Key and signature.
USER_DATA
Endpoint requires sending a valid API-Key and signature.
USER_STREAM
Endpoint requires sending a valid API-Key.
MARKET_DATA
Endpoint requires sending a valid API-Key.
SIGNED (TRADE 与 USER_DATA) endpoint security
When calling the
TRADE
orUSER_DATA
interface, the signature parameter should be passed in theX-CH-SIGN
field in the HTTP header.The signature uses the
HMAC SHA256
algorithm. TheAPI-Secret
corresponding to the API-KEY is used as theHMAC SHA256
key.The request header of
X-CH-SIGN
is based ontimestamp
+method
+requestPath
+body string
(+ means string connection) as the operation objectThe value of
timestamp
is the same as theX-CH-TS
request header,method
is the request method, and the letters are all uppercase:GET/POST
requestPath
is the request interface path For example:/sapi/v1/order
body
is the string of the request body (post only)The signature is not case sensitive.
Timing Security
The signature interface needs to pass the timestamp in the
X-CH-TS
field in the HTTP header, and its value should be the unix timestamp of the request sending time e.g.1528394129373
An additional parameter,
recvWindow
, may be sent to specify the number of milliseconds aftertimestamp
the request is valid for. IfrecvWindow
is not sent, it defaults to 5000.In addition, if the server calculates that the client's timestamp is more than one second ‘in the future’ of the server’s time, it will also reject the request.
The logic is as follows:
Serious trading is about timing. Networks can be unstable and unreliable, which can lead to requests taking varying amounts of time to reach the servers. With recvWindow
, you can specify that the request must be processed within a certain number of milliseconds or be rejected by the server.
It recommended to use a small recvWindow of 5000 or less!
SIGNED Endpoint Examples for POST /sapi/v1/order
Here is a step-by-step example of how to send a vaild signed payload from the Linux command line using echo
, openssl
, and curl
.
apiKey
vmPUZE6mv9SD5V5e14y7Ju91duEh8A
secretKey
902ae3cb34ecee2779aa4d3e1d226686
symbol
BTCUSDT
side
BUY
type
LIMIT
volume
1
price
9300
Signature example
body:
HMAC SHA256 Signature:
Curl command :
Last updated