MAX Exchange RESTful API
URL: https://max-api.maicoin.com//v2
Introduction
To provide programmable methods for users to trade automatically, MAX Exchange has published a RESTful API. Published API includes both a public and private one. The main differences between are listed below:
Type | Authentication | Rate Limits | Note |
---|---|---|---|
Public API | Not required | 1200 requests per IP address every 1 minutes | Ready to use |
Private API | authentication required | 1200 requests per person every 1 minutes | request for API token first |
Authentication
To use our private API, you will need to create an account, pass verification, and then get access/secret keys first. After signing up please visit API Tokens page to get your keys.
When your access/secret keys are ready, please enter in the following information into request headers to pass authentication:
Header Name | Value |
---|---|
X-MAX-ACCESSKEY | Your access key |
X-MAX-PAYLOAD | Payload generated according to your request body |
X-MAX-SIGNATURE | Signature generated according to your secret key and payload |
Payload is a string encoded from request body; while signature is a hash of your payload, generated using your secret key. Take JavaScript for example:
const request = require('request')
const crypto = require('crypto')
let access_key = <Your Access Key>
let secret_key = <Your Secret Key>
// path is request path like /api/v2/members/me.json
// nonce is a timestamp in positive integer, stands for milliseconds elapsed since Unix epoch.
// nonce must be within 30 seconds difference of server time, each nonce can be used only once
// other parameters needed in body depends on your request content
let body = {
path: '/api/v2/members/me.json',
nonce: Date.now(),
<Other parameters if needed...>
};
let payload = new Buffer(JSON.stringify(body)).toString('base64');
let signature = crypto.createHmac('sha256', secret_key).update(payload).digest('hex');
let options = {
method: 'GET',
headers: {
'X-MAX-ACCESSKEY': access_key,
'X-MAX-PAYLOAD': payload,
'X-MAX-SIGNATURE': signature
},
uri: 'https://max-api.maicoin.com//v2/members/me.json',
json: true,
body: body
};
request(options, function(error, response, body) { ... });
Response Format
Corresponding HTTP status code will be used in API response. MAX Exchange will also return a JSON structure including error details on failed request, for example:
{"error":{"code":1001,"message":"market does not have a valid value"}}
All errors follow the message format above. “Code” is a MAX Exchange defined error code which indicates the error's category. ”Message” is the error details in human-readable format.
MAX Exchange returns HTTP 200 response on a successful request, with requested data in JSON format. For details, please refer to API List
Tips/Caveats
RESTful API are asynchronous operations. Getting a response back only means requests have been accepted, however it does not mean the operation has completed). Please keep this in mind especially for "cancel order" operations. Cancelled orders may have unfinished trades or there may be many cancel requests in the queue. To get the latest information or an order, please check with the endpoint "/api/v2/order" or use the WebSocket.