Skip to content


Folders and files

Last commit message
Last commit date

Latest commit


Repository files navigation

BitoPro Official Open API Document

Table of Content

Getting Started

API Key Setup

Web Create Api Key SOP

  1. Log in to your BitoPro account. If you don't have an account, you will need to register and complete identity verification first.

  2. In the upper right corner of the webpage, click on your username or avatar, and select 'API' from the dropdown menu.

  3. You should then see a page titled 'API Management'. On this page, click on 'Create new API key' or a similar button. Alt text

  4. You will need to choose a name for the new API key, and set the permissions you want to grant (such as reading information, conducting transactions, etc.). After selecting the permissions you need, click 'Create' or 'Save'.

Your new API key (including a public key and a private key) should now be generated. Ensure that you keep them in a secure location, and do not allow anyone else to see them, particularly the private key. Anyone who has your private key can access BitoPro under your identity.

Note that the public key and private key are typically only displayed once, so make sure to save them immediately after they are generated. If you lose the key, you might need to delete it and create a new one.

API Security Protocol

An API key and secret are employed to authenticate your account's identity and grant authorization for account operations through programming scripts. It is imperative that programmers adhere to the prescribed protocol to ensure the security of your API requests when managing your BitoPro account.

Note : Please make sure you comprehend the following details thoroughly before utilizing programming scripts for api operations.

API Security Protocol Procedure

  1. Generate API key and secret by following Web Create Api Key SOP.
  2. Check Authentication Header Parameters to understand combination of request header.
  3. Generate payload by following Payload Generation SOP
  4. Generate signature by following Signature Generation SOP
  5. Combine API Key, Payload and Signature into a HTTP request header.

Authentication Header Parameters

Security scheme Header parameter

Payload Generation SOP

The body in JSON encoded into Base64. For GET and DELETE, use {identity: USER_EMAIL, nonce: TIMESTAMP} as body instead.

[payload = parameters-object ->; JSON, encode ->; base64] for POST.

context object payload
GET request { "identity": "", "nonce": 1554380909131} eyJpZGVudGl0eSI6InN1cHBvcnRAYml0b2V4LmNvbSIsIm5vbmNlIjoxNTU0MzgwOTA5MTMxfQ==
POST request, refer to CreateOrder { "action": "BUY", "type": "limit", "price": "1.123456789", "amount": "666", "timestamp": 1554380909131 } eyJhY3Rpb24iOiJCVVkiLCJhbW91bnQiOiI2NjYiLCJwcmljZSI6IjEuMTIzNDU2Nzg5IiwidGltZXN0YW1wIjoxNTU0MzgwOTA5MTMxLCJ0eXBlIjoibGltaXQifQ==

Signature Generation SOP

The hex digest of an HMAC-SHA384 hash where the message is your payload, and use your API SECRETE to sign it. [signature = HMAC-SHA384(payload, api-secret).digest('hex')]

api-secret bitopro
payload eyJpZGVudGl0eSI6ImhjbWxpbmpAZ21haWwuY29tIiwibm9uY2UiOjE1NTQzODA5MDkxMzF9
signature 01a85a9083db47c20da7196380598f3feacd3c76a9077aaf7ffaf08ce0091abf65b61778792607b010921adfe1c2941a

API Example Scripts

API Library


You can obtain the golang sample from the following link.


You can obtain the python sample from the following link.

API General Info

API Endpoint

The RESTful API service is hosted at For the WebSocket API, the base endpoint is wss://

API Version List

API Rate Limit:

  • Open API:
    • 600 requests per minute per IP
  • Auth API:
    • 600 requests per minute per IP
    • 600 requests per minute per user account

note : Some of API has its own rate limit, please check api document. (e.g Create-An-Order)

HTTP Status Code & Error Response

HTTP Status Code Prefix Number HTTP Status Code Error Code Reason Solution
400 Bad Request Request parameters mismatch
401 Unauthorized api key API key has been deleted. Use an available API key.
403 Forbidden No permission Ask your manager or check your apiKey permission setting
404 Resource Not Found Wrong path
408 Request Timeout Send Request Takes Too Long
409 Conflict Local Machine Time Mismatch
422 Unprocessable Entity
429 Too Many Requests Too Many Request
500 Internal Server Error Server Error
502 Bad Gate Way Router Error

Restful API List

Public Restful API

Market Data Endpoints

Private Restful API

Order Endpoints

Account Endpoints

Wallet Endpoints

Websocket Stream List

Public WebSocket Stream

Private WebSocket Stream

Contact us




    • Q1: How can I authenticate with the BitoPro API?

      • A1: Authentication requires providing X-BITOPRO-APIKEY, X-BITOPRO-PAYLOAD, and X-BITOPRO-SIGNATURE in the headers of the HTTP request. The X-BITOPRO-APIKEY is your API key, while the X-BITOPRO-PAYLOAD and X-BITOPRO-SIGNATURE are the results of HMAC SHA384 signing using your API secret.
    • Q2: Where can I find the documentation for the BitoPro API?

      • A2: You can find all the details about the API in BitoPro's official API documentation.
    • Q3: How do I generate an API key for the BitoPro API?

      • A3: You can refer to this link.
    • Q4: What functions does the BitoPro API support?

      • A4: The BitoPro API supports many features, including but not limited to viewing market data, managing transactions, checking account balance, and initiating withdrawals. The specific functionalities depend on the settings of your API key.
  • API Library

    • Q5: The websocket account balance pushes all currencies each time. Is there a way to only push changes?

      • A5: At present, all currencies are pushed. In the next version, only the changed currencies will be pushed.
    • Q6: Does the websocket currently push user transaction reports?

      • A6: Not yet, but this feature will be added in the next version.
    • Q7: How can I set up the Bitopro API trading environment using other programming languages?

      • A7: Currently, examples and environments for applications in other languages can be referred to at this link.
    • Q8: Where can I report issues or make feature requests related to the API?

      • A8: You can join API TG group for reporting or discussion.


No description, website, or topics provided.







No releases published