Authentication

To receive private data such as your account, order, and position updates, you must first authenticate the current WebSocket connection.

1. Authentication Process

Establish a WebSocket connection successfully.
Construct and send a login message using your API Key, Secret Key, and Passphrase. The signing algorithm is identical to the one used for the REST API.
Wait for the server to return the authentication result.

2. Signing

String to Sign: timestamp + GET + /users/ws/auth
- timestamp: Must be an ISO 8601 formatted UTC timestamp that exactly matches the timestamp field in your login message.
- GET and /users/ws/auth are fixed values defined for WebSocket authentication.

3. login Message

Example Request:

{
  "op": "login",
  "args": [
    {
      "apiKey": "your-api-key",
      "passphrase": "your-passphrase",
      "timestamp": "2023-10-27T10:30:00.123Z",
      "sign": "generated-hmac-sha256-signature"
    }
  ]
}

Server Success Response:

{
  "event": "login",
  "success": true,
  "ts": 1678889400123
}

Server Failure Response:

{
  "event": "error",
  "code": "60001",
  "msg": "Authentication failed: invalid signature.",
  "ts": 1678889400123
}

Once authenticated, the connection is authorized to subscribe to all private channels. If the connection is dropped, you must reconnect and authenticate again.

PreviousChannels & Subscriptions NextHeartbeat

Last updated 3 months ago