Korbit provides a RESTful API for developers to: authenticate users, place orders, view packed and open orders, transfer KRW or BTC, and list all user activities including history of trades and transfers.
API call rate limit
To ensure the quality and reliability of our API service, the API calls are limited to a certain rate threshold. Creating / refreshing access token calls are limited to 60 calls vanaf 60 minutes, Ticker calls are limited to 60 calls vanaf 60 seconds, All other calls combined, are limited to 12 calls vanaf 1 2nd.
Implement user login to receive and refresh access tokens, which voorwaarde be included te API requests for user-specific deeds.
Prior to using Korbit API, you need to authenticate a user. Spil Korbit API provides OAuth Two.0 interface, you get an access token after a successful authentication. For each API request, you need to set Authorization HTTP header with the access token.
API Keys and Secrets
You need to request an API key and secret to use Korbit API. All Korbit users can get the API key through the Korbit webstek. You can sign ter into your Korbit account by rechtstreeks authentication API call, which requires username and password te the bod of the Postbode request to get an access token (and a refresh token). Te this document, <,CLIENT ID>, denotes an API key, and <,CLIENT SECRET>, denotes a corresponding API secret.
Scope is used to limit the rights of each API key to specific deeds
Nonce & Access Token
APIs that commence with v1/user access or modify resource of a user on the server. So you need to provide an access token and nonce for each request. You can get the access token after a successful authentication. For the nonce, you can specify a monotonously enlargening number to it. To permit only one client to send API requests and to process a request only merienda, Korbit API server processes clients&rsquo, requests only if the nonce value monotonously increases. For GET requests, you don&rsquo,t need to provide a nonce. For Postbode requests, you can provide the nonce te the figure with the other parameters.
Instead of passing username and password for each API request, you pass the access token you got after the successful authentication. Before sending the API request to the server, you need to set the Authorization HTTP header with the access token ter the following format.
Because the access token is expired ter an hour, you need to refresh it using the refresh token you got after the successful authentication.
Ongezouten authentication embeds username and password te the Postbode figure.
Access Token, Refresh Token
You can get both access token and refresh token after setting grant_type with &lsquo,password&rsquo, and specifying username and password te the assets of Postbode request to v1/oauth2/access_token.
Refreshing Access Token
Because the access token is expired within an hour, you need to refresh your access token before the expiration using the refresh token. Ter this case you can Postbode a request to v1/oauth2/access_token after setting grant_type to &lsquo,refresh_token&rsquo,.
Getting User Information
You can get information of a user by using the following request.