BlueBit.io provides both HTTP and WebSocket APIs for interacting with the exchange. You can use either of these APIs to get read access to public market data and use a private API to get private read access to your account.
The public HTTP endpoints are accessed via
GET requests while the private endpoints are accessed via HMAC-SHA512-signed
DELETE requests using API keys. Both types of HTTP endpoints return results in the JSON format.
You can use the WebSocket API to receive push notifications informing you about any updates to public order books and your private account. Similar to the HTTP API, information related to your private account is obtained via HMAC-SHA512-signed requests using API keys.
All endpoints are relative to the base URLs:
Required parameters are marked as required.
The following two HTTP headers must be present in any REST request:
Key— specifies a public key
Sign— specifies a hash for decrypting the payload
The payload is contained in a JSON request body. The HMAC-SHA512 algorithm is used for payload hashing.
All private REST requests should include the following fields:
ts— a string value indicating the current date and time in the UTC format, for example: “2019-12-20T08:20:51”
nonce— a 64-bit integer value used for authentication of encrypted requests; based on a time frame defined for a public key used for encryption, each
noncevalue must be unique for any request sent within every 22 seconds (for example, once
nonceis assigned a value of
12345, next time this value can be used only in 22 seconds)
To obtain the public and private API keys, proceed as follows:
Log in to the exchange.
Switch to API key management in your profile and click Generate New Key.
Copy the displayed API keys to the clipboard and use them in your application.
The private key is displayed only once: if you fail to save it, you need to generate a new pair of keys.
/frontoffice/*— 1 request per second
/marketdata/*— 2 requests per second