1. Deribit Support
  2. Support
  3. Technical Information

Creating new API key on Deribit

  • Updated

You can create new Deribit API key using front-end interface or by Deribit API. If you want to use the API, please head to Creating the API key using the API.

Notice

Please note your first API key has to be created using front-end interface.

Front-end interface

api_section.png

Press ‘Add new key’ on the right side of the interface.

asymmetric_keys_new_key.jpeg

Select between Deribit-generated key and Self-generated key. Please refer to Asymmetric API keys for more details.

asymmetric_keys_self_generated_key.jpeg

Declare scopes and other API key details:

  • Scopes: Describes maximal access for authorization with given key. Please head to official documentation for more details.

  • Name field: This is a custom input you can enter to use as an identifier for the key.

  • Features field: Additional optional features related to this API key. They may be expanded in future releases.

    1. Restricted Block Trades feature

      Restricted block trades feature limits the block_trade:read scope of the API key to block trades that have been made using this specific API key. This method can be employed to restrict the visibility of user private block trades with third parties to whom the user has provided their API key.

    2. Block Trade Approval Feature

      Block trade approval introduces an additional layer to the block trade verification process. When activated, it necessitates an additional approval from the user from a different API key before a block trade can be executed with the specified API key. This functionality provides users with enhanced oversight, particularly when a registered partner possessing an API key intends to carry out a block trade on their behalf.

  • IP Whitelisting: An additional security feature, this field restricts which IPs can connect using this IP.

api_scopes.png

Once created you will receive Client ID and Client Secret

Client ID:The Client ID is a public identifier of the API key. It's not a secret. It can be exposed in web browsers, source code, or wherever else without immediate security concerns. It's mainly used to identify the key and is not used on its own for authentication.

Client Secret: The Client Secret is a confidential piece of information. Think of it as a password. It should be kept secret and never exposed to the public. Exposing the Client Secret can lead to serious security risks. It's used, in combination with the Client ID, to authenticate.

test_key.png

Creating the API key using the API

To create an API key via the Deribit API, use the private/create_api_key endpoint. Please note that this is a private endpoint and requires prior authentication through the public/auth method.

Request 

{
  "method": "private/create_api_key",
  "params": {
    "name": "test_key",
    "max_scope": "account:read trade:read_write wallet:read"
  },
  "jsonrpc": "2.0",
  "id": 1
}

Response 

{
  "jsonrpc": "2.0",
  "id": 1,
  "result": {
    "max_scope": "trade:read_write wallet:read account:read",
    "ip_whitelist": [],
    "client_secret": "5gE6eyXwolP4RcVmsNqq8rhjtnjv5M1_HNHUHKAXsgt",
    "client_id": "GgUXjYUj",
    "enabled_features": [],
    "timestamp": 1721816749587,
    "name": "test_key",
    "id": 11,
    "enabled": true,
    "default": false
  }
}

Testing out your new API key

You can test your new API key in the Deribit API console. Simply click the link to be redirected to the console, where you will already be authenticated with your new API key.

api_console_link.png
api_console_auth.png