Skip to main content

Overview

The HTTP API allows read access to public market data through the public endpoints and read / write access to your private account via the private endpoints.

  • HTTP API: https://api.poloniex.com/

Authentication (API Signature) is not required for any public requests.

Private HTTP endpoints e.g. https://api.poloniex.com/orders are authenticated using HMAC-SHA256 signed request. See details here Authentication.

Symbol convention is <base_currency>_<quote_currency> e.g. BTC_USDT, which is opposite from legacy system, which follows <quote_currency>_<base_currency> format e.g. USDT_BTC.

Authentication

Authentication (API Signature) is not required for any public requests.

All private HTTP endpoints require authentication using HMAC-SHA256 signed request with the following headers:

  • key” - entry whose value is api caller’s apiKey. e.g. “A…-99…”
  • signatureMethod” - optional entry whose value is signature method. e.g. “hmacSHA256”
  • signatureVersion” - optional entry whose value is signature version. e.g. “1“
  • signTimestamp” - entry whose value is a timestamp. e.g. “1649371360000“
  • signature” - entry whose value is the signature generated by API caller for the request. e.g. “4F…%3D”.
  • "recvWindow" - optional entry whose value is duration in milliseconds. e.g. "1500". This field provides an additional layer of control, where if specified, the request will be rejected if the (poloniex system time - signTimestamp) is in excesss of recvWindow. Below are the error code responses:
    • 400: signTimestamp is more than 1 second from poloniex system time
    • 408: request timeout as recWindow threshold has been breached

Note: POST\DELETE requests should contain application/json type content and be in valid JSON format.

Signature Example Code

We provide signature codes in three languages, Java/Python/NodeJS, and examples of request codes, Here.

API Signature Generation

Steps:

  1. Compose a “Request String” to be used for the generation of the digital signature which would include:
    • Method type (GET/POST/DELETE/etc) followed "\n" e.g. GET\n
    • Access path, followed "\n" e.g. /orders\n
    • Add the timestamp parameter and List of parameters sorted by ASCII order delimited by & e.g.: limit=5&signTimestamp=1659259836247&symbol=ETH_USDT
    • NOTE: all parameters must be URL/UTF-8 encoded. i.e. space is encoded as "%20"
    • The final string for the signature generation, based on the example values above will be:
      GET\n
      /orders\n
      limit=5&symbol=ETH_USDT
    • DELETE or POST Method with http body, for example: To cancel orders by IDs:
      /orders/cancelByIds\n
      • Add requestBody and timestamp:
        requestBody={"orderIds":["1234567890"],"clientOrderIds": ["myId-1"]}
        signTimestamp=1631018760000
      • Timestamp needs to be added. Timestamps are valid for 1 minute. Connect the parameters in the above order with the character "&":
        requestBody={"orderIds":["1234567890"],"clientOrderIds":["myId-1"]}&signTimestamp=1631018760000}
      • The final string to be used for signature calculation is composed as follows:
        DELETE\n
        /orders/cancelByIds/\n
    • DELETE or POST Method with no http body, for example : To Cancel Order by Id: /orders/1
      • Timestamp needs to be added. Timestamps are valid for 1 minute.

        signTimestamp=1631018760000
      • The final string to be used for signature calculation is composed as follows:
        DELETE\n
        /orders/1\n
        signTimestamp=1631018760000
  2. Generate a digital signature using the "Request String" generated in the previous step and your key (Secret Key):
    • Call the HmacSHA256 hash function to get the hash value with the request string and API private key obtained in the previous step as two parameters.
    • Encode this hash with base-64 and the resulting value is used as the digital signature for this interface call.
    • Example: 5g4Rx5A2bLyMWFgR3Aqp+B4w+iJkL7n5OD3SuYtCJK8=
  3. Request example using the above generated signature:

Note: POST\DELETE requests should contain application/json type content and be in valid JSON format.

Sample GET command:

curl -X GET \
--header 'key: A3xxxxxx-99xxxxxx-84xxxxxx-72xxxxxx' \
--header 'signatureMethod: HmacSHA256' \
--header 'signatureVersion: 2' \
--header 'signTimestamp: 1631018760000' \
--header 'signature: 5g4Rx5A2bLyMWFgR3Aqp+B4w+iJkL7n5OD3SuYtCJK8=' \
'https://api.poloniex.com/orders?symbol=ETH_USDT&limit=5'

Rate Limits

You can use the following table and refer to the frequency limit rules to rationally use your trading strategy.

Email client services (api-support@poloniex.com) with any questions.

Note: Interfaces related to transactions and accounts are frequency limited based on the UID dimension. The market-related interfaces are frequency limited based on IP latitude. VIP level refers to the fee level.

TypeInterface NameMethodUrlVIP0VIP1-2VIP3-4VIP5-6VIP7-9
OrderCreate OrderPOST/orders5075100150200
Create Multiple OrdersPOST/orders/batch1015203040
Cancel Replace OrderPUT/orders/{id}5075100150200
Open OrdersGET/orders5075100150200
Order DetailsGET/orders/{id}5075100150200
Cancel Order by IdDELETE/orders/{id}5075100150200
Cancel Multiple Orders by IdsDELETE/orders/cancelByIds1015203040
Cancel All OrdersDELETE/orders1015203040
Kill SwitchPOST/orders/killSwitch5075100150200
Kill Switch StatusGET/orders/killSwitchStatus5075100150200
AccountAccount InformationGET/accounts5075100150200
All Account BalancesGET/accounts/balances5075100150200
Account ActivityGET/accounts/activity1015203040
Accounts TransferPOST/accounts/transfer5075100150200
Accounts Transfer RecordsGET/accounts/transfer1015203040
Fee InfoGET/feeinfo5075100150200
Interest HistoryGET/accounts/interest/history5075100150200
SubaccountsSubaccount InformationGET/subaccounts1015203040
Subaccount BalancesGET/subaccounts/balances5075100150200
Subaccount TransferPOST/subaccounts/transfer5075100150200
Subaccount Transfer RecordsGET/subaccounts/transfer1015203040
WalletsDeposit AddressesGET/wallets/addresses5075100150200
Wallets Activity RecordsGET/wallets/activity1015203040
New Currency AddressPOST/wallets/address5075100150200
Withdraw CurrencyPOST/wallets/withdraw1015203040
Withdraw Currency V2POST/v2/wallets/withdraw1015203040
MarginAccount MarginGET/margin/accountMargin5075100150200
Borrow StatusGET/margin/borrowStatus5075100150200
Maximum Buy/Sell AmountGET/margin/maxSize5075100150200
Smart OrdersCreate OrderPOST/smartorders5075100150200
Cancel Replace OrderPUT/smartorders/{id}5075100150200
Open OrdersGET/smartorders1015203040
Order DetailsGET/smartorders/{id}5075100150200
Cancel Order by IdDELETE/smartorders/{id}5075100150200
Cancel Multiple Orders by IdDELETE/smartorders/cancelByIds1015203040
Cancel All OrdersDELETE/smartorders1015203040
Order HistoryOrders HistoryGET/orders/history1015203040
Smart Orders HistoryGET/smartorders/history1015203040
TradesTrade HistoryGET/trades1015203040
Trades by Order IdGET/orders/{id}/trades5075100150200
TypeInterface NameUrlRate Limit (per second)
Public DataSymbol Information/markets/{symbol}200
Currency Information/currencies/{currency}
CurrencyV2 Information/v2/currencies/{currency}
System Timestamp/timestamp
Prices/markets/{symbol}/price
Mark Price/markets/{symbol}/markPrice
Mark Price Components/markets/{symbol}/markPriceComponents
Order Book/markets/{symbol}/orderBook
Candles/markets/{symbol}/candles
Trades/markets/{symbol}/trades
Ticker/markets/{symbol}/ticker24h
Collateral Info/markets/{currency}/collateralInfo
Borrow Rates Info/markets/borrowRatesInfo
Symbol Information/markets30
Currency Information/currencies
CurrencyV2 Information/v2/currencies/{currency}
Prices/markets/price
Mark Price/markets/markPrice
Ticker/markets/ticker24h
Collateral Info/markets/collateralInfo