TWM Wiki

Description

How to Retrieve API Keys


In this section you will find how to connect your favourite exchanges to TWM.

Binance

Note: If you don’t plan to trade live but only want to retrieve data or use the local simulator, you can leave the API key fields blank.

If you want to place trades on Binance using TWM you will need to generate two specific types of API keys on the Binance platform: HMAC and ED25519.

  1. HMAC works for Futures Market Websocket connection and for all REST API requests.
  2. ED25519 keys are used for the Spot Market Websocket connection.

Below is a detailed walkthrough of the process to generate these keys:

  1. It's necessary to download the key generator from Binance's github, visit the following URL: https://github.com/binance/asymmetric-key-generator/releases.
  2. From the releases page, download the latest version of AsymmetricKeyGenerator-setup-vX.X.X.exe and its corresponding checksum file.
Image

And finally, run the Asymmetric Key Generator application.

Generate ED25519 Key:

After opening the Asymmetric Key Generator application:

  1. select "Ed25519" (1)
  2. (Optional) Insert a passphrase (2)
  3. And finally, click on the "Generate Key Pair" button (3)
Image

Once the keys are generated, you will see a Private Key (1) and a Public Key (2), you can copy or save them:

Image


1. Log in to your Binance account. (https://accounts.binance.com/en/login)

2. Navigate to Account (https://www.binance.com/en/my/dashboard), then select API Management (https://www.binance.com/en/my/settings/api-management).

3. Click the Create API button.

Image


4. Choose the Self-Generated option.

Image


5. A window will appear prompting you to insert a public key.

-Paste the Public Key saved earlier from the Asymmetric Key Generator application into the prompt box.

Image


6. You'll need to insert a Label for the API Key (es. "TWM"), and then click next

Image


7. Binance will provide an API Key, copy it

Image


and paste it into TWM connection configurator:

Image


8. From the Asymmetric Key Generator window:

-Copy the Private Key. For this step, copy only the key itself, without the -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY----- parts.

Image


9. In the TWM Binance connection configurator, paste this into the Websocket Private Key field.

Image


10. To enable Trading, it's necessary to toggle the "Enable Spot & Margin Trading".

Image


It could be necessary to enable the "Restrict access to trusted IP's only"

Image


Note: You can find your IP on https://whatismyipaddress.com/


Generate HMAC Key:

1. Log in to your Binance account. (https://accounts.binance.com/en/login)

2. Navigate to Account (https://www.binance.com/en/my/dashboard), then select API Management (https://www.binance.com/en/my/settings/api-management).

3. Click the Create API button.

Image


4. Choose the System Generated option.

Image


5. You'll need to insert a Label for the API Key (es. "TWM_REST"), and then click next

Image


6. Copy both the API and Secret key

Image


-And paste them into TWM

Image


Notes:

  1. Be cautious if you have a dynamic IP address, which can change frequently (even multiple times a day). Using a dynamic IP with IP whitelisting can lead to connection issues. If you've set up a connection with IP whitelisting and later find you cannot log in or connect, re-check your IP address using the link above. If it has changed, you'll need to update the whitelisted IP address(es) in your Binance API key settings.
  2. IP Filtering for Older Accounts: Some older Binance accounts, particularly those created before futures trading was introduced, might require users to set up an IP filter by default to trade futures.
  3. Enable Futures Account: By default, some Binance accounts may not have their Futures trading account fully enabled. If your API keys are correctly set up but the TWM connection still fails (especially for futures), ensure your Binance Futures account is properly activated. You can find guidance on this here: https://www.binance.com/en/support/faq/detail/360033772992.


Bybit

API Key Requirements

For retrieving market data through TWM, an API key and secret are not required from Bybit. If you only need market data, you do not even need a Bybit account; simply set up a connection in TWM without entering any keys.

However, an API key and secret must be set up if you intend to place orders or read your account information via TWM.


  1. Prerequisite: Unified Trading Account (UTA)
  2. Activate it by going here: https://www.bybit.com/user/assets/home/tradingaccount
  3. And click on "Upgrade Now"
Image

Here you can find additional info about UTA Account: https://www.bybit.com/en/help-center/article/FAQ-Unified-Trading-Account

Before setting up an API key for trading or account access, it is crucial to ensure your Bybit account is configured as an Unified Trading Account (UTA), since TWM does not support the classic Bybit account structure.

Identifying your account type:

If your Bybit dashboard lists "Spot" and "Derivatives" (or Futures) as separate balances or sections, you likely have a classic account. An UTA merges these into a single account.

Upgrading to UTA:

For information on how to upgrade your account to a UTA, please contact Bybit support. Often, this is a straightforward process that can be initiated by clicking an "Upgrade to UTA" button or prompt within the Bybit interface and typically takes only a couple of minutes.

1. You can access Bybit's API management page by logging into your account and navigating to https://www.bybit.com/app/user/api-management.

2. Click on create a New Key

Image


3. Click on "System-generated API Keys"

Image


4. On the next screen

  1. Select API Transaction (1),
  2. Give a name to the API Key (ex. "TWM") (2)
  3. Select "Read-Write"
  4. (Optional) Select "Only IP's…." and insert your IP address, to look up for your IP address, please go to https://whatismyipaddress.com/
Image

5. Give the permission as shown in the image.

- "Unified Trading"

- "Orders"

- "Positions"

- "USDC Derivates Trading"

- "Trade"

These permissions are essential if you want to be able to trade from whitin the TWM software.

And finally, click "Submit" (5)

Image

6. Copy Both the API and Secret Key

Image


6. Paste them into TWM

Image


Crypto.com

Supported Features

Please note that TWM currently supports only SPOT symbols for the Crypto.com connection.

API Key Requirements

To access public data such as historical information, order books, and live data streams from Crypto.com through TWM, you do not need to provide any credentials like an API key or secret.

However, if you wish to trade or receive updates on your user-specific data (like account balances or positions), you will need to create an API key within your Crypto.com account and configure it in TWM.

Creating Your API Key on Crypto.com


1. Navigate to the API Management section. You can typically find this by:

- Clicking on your account avatar (usually located in the top-right corner of the screen).

- Selecting the "Manage Account" option from the dropdown menu.

- Choosing the "API Management" tab.

Image


2. Click on the option to "Create a new API key."

Image


3. A modal window or new page will appear for configuring the API key permissions. Ensure you:

- Check the permission for "Can Read."

- Check the permission to "Enable Trading."

- You must whitelist your IP address for this API key as a security measure.

Image



4. After the API key is successfully created on Crypto.com, make sure to copy your API Key and Secret Key.

- And paste them into TWM

Image


Important Informations

Here are some general tips and important points to keep in mind when setting up and using connections in TWM:

Regional Availability & VPN Usage:

Before setting up a connection, please verify that the services of the chosen exchange are available in your geographical region. If access is restricted, you may need to use a VPN (Virtual Private Network).

Copying API Keys and Secrets:

When copying your API keys and secret keys, be meticulous. Ensure that you do not accidentally include any extra spaces (whitespace) before or after the actual key strings, as this will cause authentication to fail.

Initial Historical Data Download:

The first time you request data for a specific trading instrument (e.g., a currency pair like BTC/USDT) through TWM, the software will attempt to download all available historical data for that instrument from the exchange. This happens regardless of the specific time period you initially request. Please allow this comprehensive first download to complete fully before proceeding with further actions or analysis for that instrument.

Type of API Keys (System-Generated vs. Self-Generated):

During the API key creation process on an exchange, you might be asked to choose between system-generated or self-generated (e.g., HMAC vs. Ed25519) API keys. For TWM's purposes, either type is generally acceptable unless specified otherwise for a particular exchange. For details on the differences between these key types, please refer to the information provided by the exchange itself during the creation process.

Naming Your API Keys:

It's good practice to assign a descriptive name to your API keys when you create them on the exchange. While the specific name doesn't affect TWM's functionality, it helps you identify the key for your personal records and management. Some exchanges may even require you to name the key before you can proceed. Always pay attention to prompts and hints in the exchange's user interface to ensure all required fields are completed.

Troubleshooting Connection Issues & API Key Expiry:

If a connection that was previously working suddenly fails, and you've already ruled out IP address filtering as the cause, check the API key configuration settings on the exchange's website. Some exchanges issue API keys that have an expiration date. If your key has expired, you will need to generate a new one.

Understanding Connection Behavior:

Connections without API Keys: If you set up a connection in TWM without entering an API key and secret, TWM will still attempt to connect to the exchange to access public data (like market data feeds). However, you will not be able to execute trades or retrieve private account information (like balances or positions).

Connections with Incorrect/Expired API Keys:

If you do provide API keys but they are incorrect (e.g., mistyped, contain extra spaces) or have expired, the connection will fail. TWM will typically display a generic error message such as "Check your credentials."

Previous
Connections
Next
Market Data

This website uses cookies to enhance your browsing experience. By continuing to use our website, you agree to our Privacy Policy

Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to protected areas of the site.

  • Necessary cookies

    .AspNet.Consent

    Indicates whether the user has consented to the use of necessary cookies.

    Maximum storage duration: 1 Year | Type:Necessary cookies
    .AspNetCore.Antiforgery

    Used to prevent CSRF attacks and protect user data.

    Maximum storage duration: Session | Type: Necessary cookies
    .AspNetCore.Cookies

    Used to manage authentication information and the user's session.

    Maximum storage duration: 1 Year | Type: Necessary cookies
    .AspNetCore.Culture

    Used to store user's language preferences.

    Maximum storage duration: 1 Year | Type: Necessary cookies
    __Secure-OSID

    Security cookie set by Google to authenticate users and prevent fraudulent use of login credentials.

    Maximum storage duration: 6 Months | Type: Necessary cookies
    __Host-3PLSID

    Ensures you stay connected to your Google accounts across various services.

    Maximum storage duration: 2 Years | Type: Necessary cookies
    AEC

    Used to verify your Google account and ensure that requests in sessions come from you.

    Maximum storage duration: 6 Months | Type: Necessary cookies
    HSID

    Security cookie used by Google to authenticate users and prevent fraudulent use of login credentials, protecting user data.

    Maximum storage duration: 2 Years | Type: Necessary cookies
    SEARCH_SAMESITE

    This cookie prevents the browser from sending the cookie along with cross-site requests, helping to mitigate the risk of cross-origin information leakage.

    Maximum storage duration: 6 Months | Type: Necessary cookies
    SID

    Important for Google's security and to ensure that Google can authenticate the account and block fraudulent access attempts.

    Maximum storage duration: 2 Years | Type: Necessary cookies
    SIDCC

    Security cookie to protect user data from unauthorized access.

    Maximum storage duration: 1 Year | Type: Necessary cookies
    __Host-1PLSID, __Host-3PLSID

    Crucial cookies to ensure that you remain securely logged into your Google accounts while accessing various Google services.

    Maximum storage duration: 2 Years | Type: Necessary cookies

Functional cookies allow the website to provide enhanced functionality and personalization. They may be set by the website owner or by third parties whose services have been added to the pages.

  • Functional Cookies

    LSOLH

    Used by Google to store session information and enhance the user's experience on Google services.

    Maximum storage duration: Session | Type: Functional Cookies
    COMPASS

    Used by Google to improve user navigation by remembering preferences and information, such as preferred language.

    Maximum storage duration: 6 Months | Type: Functional Cookies
    ACCOUNT_CHOOSER

    Remembers which accounts have been used to log into Google services on the device.

    Maximum storage duration: 1 Year | Type: Functional Cookies
    APISID

    Used by Google to store user preferences and information when viewing pages with Google maps.

    Maximum storage duration: 2 Years | Type: Functional Cookies
    LSID

    Used by Google to store user preferences while viewing pages that incorporate Google services.

    Maximum storage duration: 2 Years | Type: Functional Cookies
    NID

    Used by Google to remember user preferences, such as preferred language, to provide a more personalized experience.

    Maximum storage duration: 6 Months | Type: Functional Cookies
    SAPISID

    Used by Google to collect information about visitors for videos hosted on YouTube or maps integrated with Google Maps.

    Maximum storage duration: 2 Years | Type: Functional Cookies
    __Host-GAPS

    Used by Google to store user preferences and information when pages containing maps or Google services are viewed.

    Maximum storage duration: 2 Years | Type: Functional Cookies

Statistical cookies help website owners understand how visitors interact with the site by collecting and transmitting information anonymously.

  • Statistical Cookies

    CLID

    Unique identifier used to track user interactions and maintain unique sessions.

    Maximum storage duration: 1 Year | Type: Statistical Cookies
    MR

    Microsoft cookie that collects data on user interactions to improve services.

    Maximum storage duration: 7 days | Type: Statistical Cookies
    SM

    Used by the Microsoft Clarity analytics suite to maintain the user's session.

    Maximum storage duration: Session | Type: Statistical Cookies

Marketing cookies are used to track visitors on websites. The intent is to display relevant and engaging ads for the individual user.

  • Marketing Cookies

    AID

    Used by Google to link your activity across devices if you have logged in with the same Google account.

    Maximum storage duration: 1 Year | Type: Marketing Cookies
    ANONCHK

    Used by Microsoft Advertising to check the anonymity of data sent by tracking cookies.

    Maximum storage duration: 10 minutes | Type: Marketing Cookies
    MUID

    Microsoft cookie used to track user interactions across Microsoft domains.

    Maximum storage duration: 13 Months | Type: Marketing Cookies
    __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDTS, __Secure-3PSIDCC

    Google cookies designed to build a profile of your preferences and show you relevant ads on other sites, protecting the Google account.

    Maximum storage duration: 2 Years | Type: Marketing Cookies
    ADS_VISITOR_ID

    Used by Google to identify and track visitors across various websites to display personalized advertising.

    Maximum storage duration: 2 Years | Type: Marketing Cookies
    OTZ

    Used by Google to personalize ads on Google properties, like Google Search.

    Maximum storage duration: 1 Month | Type: Marketing Cookies
    __Secure-1PAPISID, __Secure-1PSID

    Used by Google to deliver more relevant ads and protect the security of your preferences and Google account information.

    Maximum storage duration: 2 Years | Type: Marketing Cookies

Cookies are small text files that can be used by websites to make the user's experience more efficient.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission. This means that cookies classified as necessary are processed under Article 6(1)(f) of the GDPR. All other cookies, namely those belonging to the categories of preferences and marketing, are processed under Article 6(1)(a) of the GDPR.

This site uses different types of cookies. Some cookies are placed by third-party services that appear on our pages.

You can change or revoke your consent at any time from the Cookie Statement on our website.

Learn more about who we are, how you can contact us, and how we process personal data in our Privacy Policy.

Specify your consent ID and the date you contacted us regarding your consent.

Privacy