Helpdesk
  • Overview
    • Welcome to Finery Markets
    • About Our Products
      • FM Liquidity Match
        • Master Account
        • Sub-Account
      • FM Pulse
      • White Label solution
  • Product Features
    • Onboarding
    • Risk Management
    • Trading
      • Aggregated Order Book
      • Firm Order Book
      • Pending Limit Orders (GTC)
      • RFQ
      • Toxic Flow Protection
      • Markups
      • Authorized trading
      • Non-Deliverable Trading
      • Voice Trading
      • Interdealer Trading
    • Position Management
    • Settlements
      • Automated Settlements
      • Addresses
    • Control Center
      • Multi-Roles
      • Notifications
      • Reporting
      • Bulk Edit
    • Referral program
  • API Reference
    • Quick Start with API
      • For Market Makers
      • For Takers
    • Data Types
    • REST API
      • Client management
        • getSubaccounts
      • RFQ
        • getSettings
        • getSettings (authorized)
        • getUserSettings (authorized)
        • setUserSettings (authorized)
        • getProviders
        • getSessions
      • Trading
        • add
        • add (authorized)
        • Pending limit orders
          • add (pending limit order)
          • add (pending limit order) (authorized)
          • del
          • del (authorized)
          • delAll
          • delAll (authorized)
          • orders
          • orders (authorized)
        • mod
        • del
        • delAll
        • book
        • voiceTrade
        • liquidationTrade
        • dealHistory
        • dealHistory (authorized)
        • instruments
        • positions
        • instrumentMarkups
        • addInstrumentMarkups
        • delInstrumentMarkups
      • Settlements
        • settlementRequests
        • settlementOrders
        • settlementTransactions
        • settlementHistory
        • settlementTransactionHistory
        • addIncomingSettlementRequest
        • delIncomingSettlementRequest
        • delIncomingSettlementCPRequest
        • addOutgoingSettlementTransaction
        • addIncomingSettlementTransaction
        • sendSettlementTransaction
        • commitIncomingSettlementTransaction
        • delSettlementTransaction
      • Risk Management
        • climits
        • setCLimit
        • delCLimit
        • subaccountsLimits
        • setSubaccountLimit
        • delSubaccountLimit
        • enableTrading
        • disableTrading
        • cAssetLimits
        • setCAssetLimit
        • delCAssetLimit
        • cShortSalesBan
        • setShortSalesBan
        • delShortSalesBan
        • enableInstrumentsWhitelist
        • setInstrumentsWhitelist
        • disableInstrumentsWhitelist
        • instrumentsWhitelist
      • Non-deliverable Trading
        • settings/getOvernightRates
        • settings/setOvernightRates
    • Websocket API
      • Feed 'A' - Assets
      • Feed 'P' - Positions
      • Feed 'L' - Counterparty limits
      • Feed 'B' - Global order books
      • Feed 'F' - Tradable order books
      • Feed 'R' - Settlement requests
      • Feed 'N' - Settlement transactions
      • Feed 'K' - Positions
      • Feed 'O' - Orders
      • Feed 'S' - Settlement orders
      • RFQ
    • FIX API
      • Admin messages
      • Market Data
      • Trade
        • Trading for Takers
        • Trading for LPs and Masters
    • Troubleshooting Errors
      • List of Error Codes
      • Error 3
      • Error 6
      • Error 7
      • Error 14
Powered by GitBook
On this page
  1. API Reference

REST API

PreviousData TypesNextClient management

Last updated 1 year ago

Use these endpoints to send REST requests (or for test environment).

There are general rules for all REST requests:

  • All calls should be signed using key/secret pair

  • All calls are POST requests

  • All calls use application/json format

  • Additional nonce (unsigned int64) and timestamp (Efx::Timestamp) parameters are required

  • EFX-Key and EFX-Sign HTTP headers are used for authentication

To authenticate a request send additional headers:

EFX-Key: your public key

EFX-Sign: content signature. Concatenate a name of an API method with payload string and sign it with your private key using HMAC SHA384.

In order to protect from attacks, it is required to send a nonce and timestamp. Any new value of nonce must be bigger than the previous one. You may use the same nonce with multiple keys, but make sure its value is constantly increasing.

Do not use the same key with multiple asynchronous REST services, it will be difficult to synchronise nonce values.

See an example of REST request below. Generating a signature for REST request using key/secret pair (javascript with CryptoJS lib):

let method = "dealHistory"
let content = {
    "instrument": "BTC-USD"
}

let payload = JSON.stringify({
  ...content,
  "nonce": 12345,
  "timestamp": new Date().valueOf()
})

// Put your API keys there
let key = "RlZ4sKsHSr5zmYKIzbtf772J9y9gx8nekd8COrawI5V"
let secret = "cZpZ1vwzOaXuiONfIQVg8h6za97FoHhrwwgoSCNwDAR"

let signature = CryptoJS.HmacSHA384(method + payload, secret).toString(CryptoJS.enc.Base64)

const response = axios({
    method: 'POST',
    url: this.host + method,
    headers: {
        'EFX-Key': key,
        'EFX-Sign': signature,
        'Content-Type': 'text/html'
    },
    data: payload
}).then((response) => {
    let data = response.data
    console.log("Response received", data)
}).catch(function (error) {
    switch (error.response.status) {
        case 400: {
            let data = error.response.data
            let errorCode = data.error // data.error contains error code
            console.log("Error received:", errorCode)
            break
        }
        default: {
            // some unhandled error (connection error for example)
            console.log("Error received:", response)
            break
        }
    }
})

Important. To create a valid signature concatenate a method name with a payload string. Use the same payload string as you send in the request.

https://trade.finerymarkets.com/api
https://test.finerymarkets.com/api