In order to start using the API, you will first need to create your API key and API secret. To do so, follow these steps.
Step 1: Log into your Poloniex account and navigate to the settings tab
Step 2: Navigate to the API Keys subtab within the settings tab
The API page will show this screen, as you currently have not enabled, nor set up any API keys.
Step 3: Click the Enable API button and enter your 2FA code to access the next steps
Once entered, you will need to confirm the action via the email sent to your email address associated with your Poloniex account. Please check your email for a message from email@example.com to confirm this action quickly. As a security measure, the link will expire in 15 minutes.
Once confirmed you will be redirected to Poloniex with a new notification.
Step 4: Now that the API has been enabled you will need to create your new API key by clicking the create new key button
You will need to enter your 2FA info once again for this step.
Step 5: Once you have entered your 2FA information you will need to verify the creation of your API key via an email sent to the email associated with your Poloniex account
Similarly to step 2, please check your email for a message from firstname.lastname@example.org to confirm this action. Once you have confirmed the creation of your API key via the email you will be redirected back to Poloniex where you will then be presented with your API key and your API secret
Please note that the API key and the secret have been obscured as you should never reveal your API key and secret in tandem unless you are absolutely sure it is safe.
You will notice that by default withdrawals are disabled and you will need to manually enable withdrawal functionality. This is done for security purposes as withdrawals queued up through the API will bypass all forms of verification such as 2FA and email confirmation.
This concludes the setup and creation of your API keys. Here are a few important takeaways to note:
- Withdrawals are disabled by default for security purposes as API withdrawals bypass all withdrawal verifications such as 2FA and email confirmation
- IP access restriction is disabled by default
- You can enable IP access restriction so that your API key set can only be accessed by a particular API, but it should be noted that this feature should only be enabled on a static IP address, as a dynamic IP address will change over time and you will not be able to interact with the API from the new IP address