API Access
Domains
Two domains are utilised for REST endpoints and WebSocket channels, the difference between the two being if the request is public, or requires authentication.
Endpoints that require authentication should use the domain:
(https | wss)://api.bitfinex.com/
Public endpoints should use the domain:
(https | wss)://api-pub.bitfinex.com/
API Keys
In order to access the parts of the API which require authentication, you must generate an API key and an API secret using this page
You can generate as many API keys as you would like, and each of those keys can be customised in a few ways.
| PERMISSIONS | Read | Write |
| ACCOUNT INFO | ||
| ACCOUNT HISTORY | ||
| ORDERS | ||
| MARGIN TRADING | ||
| MARGIN FUNDING | ||
| WALLETS | ||
| WITHDRAW |
Nonce
Your security is essential to us. For every authenticated action taken via the Bitfinex API, a nonce is required. Nonces are used to guard against replay attacks. If multiple requests arrive at the API with the wrong nonce (e.g. because of an async timing issue) the API will reject the request.
This means that you will need a separate API key for each client if you want to use multiple HTTP or WebSocket connections concurrently.
Updated about 4 years ago