OKX-Connect
If your business platform offers cryptocurrency services, you can apply to join the OKX-Connect Program, become our partner connect institute, enjoy exclusive connect services, and earn high rebates through trading fees generated by OKX users.
The OKX-Connect Program includes, and is not limited to, integrated trading platforms, trading bots, copy trading platforms, trading bot providers, quantitative strategy institutions, asset management platforms etc.
- Click to apply
- Connect rules
- If you have any questions, feel free to contact our customer support.
Relevant information for specific OKX-Connect Program documentation and product services will be provided following successful applications.
Connect Guide
Common API for OKX-Connect
When the OKX connect-institute calls the OKX API interface, when the request parameter has tag, please be sure to enter your exclusive Connect code information to realize the association between the order and the connect-institute.
Core trading
Algo trading
Convert
Connect Type
Introduction
There are 2 types of OKX-Connect. API Connect and OAuth Connect. If you are trading aggregator platform, trading bot platform, technical provider, asset management platform or a social trading platform, OKX-Connect will be the most suitable option for you
API Connect
- Use OKX API to connect institutions with OKX to enjoy OKX's unique products
- Users are able to create API keys on OKX and provide them to the connect-institutes where they can use the institution UI to trade while choosing OKX as the exchange
OAuth Connect
- OAuth login provides your users a safer and more convenient way for users to use your product
- Connect-institutes can provide OAuth authorisation where API keys are automatically created for users
- More details can refer to OKX-Connect homepage
OKX-Connect advanges:
- User's API safety
- FAST API, a more convenient and safer method for users to create API keys
- Third-party IP whitelists, strengthen security where only trades executed via your whitelisted servers can be executed
OAuth Connect
Introduction
OAuth login provides your users a safer and more convenient way to use your product.
With OKX OAuth 2.0, users can trade with OKX after one-click authorization from third-party applications. No password or account API key is required.
OKX OAuth 2.0 is available in both Web and Mobile applications and is developed based on some new features in the OAuth 2.0 protocol (RFC 6749) and the OAuth 2.1 draft protocol.
To receive documents for OAuth, please contact your BD.
Preparation before Integration
- Register your account and apply for connect via the official website
You need to apply for an OAuth connect first and gain access toclient_idandclient_secretinformation after approval.
Integration Procedures:
- Institutions apply for OKX accounts.
- Institutions apply to be an OAuth connect via OKX official website and fill out the application form and fields with red asterisk are mandatory.
- OKX will review the application form within 2 days after receiving it.
- The institution will receive an email notification including
client_idandclient_secretonce the application form is approved by OKX's platform.
Introduction of authorization mode
OKX OAuth 2.0 provides: authorization code mode and PKCE mode.
| Authorization mode | Descriptions | Scenario |
|---|---|---|
| Authorization code mode | With user authorization, the third-party app provides client_secret to get authorization code. access token and refresh token can be retrieved based on authorization codes. | The application has a server, which can store app keys and interact with the OKX OAuth server . |
| PKCE mode | With User authorization, the third-party app provides code_verifier as a temporary key to obtain authorization code. access token and refresh token can be retrieved based on authorization codes. | The application has no server (or does not want the back-end server to intervene in the authorization process), therefore it cannot store the app key or interact with the OKX OAuth server through random characters. |
Authorization code mode
This mode is available in both App and Web application. User authorizes third-party application from an authorisation page, which receives user authorization code. After that, application exchanges it for access token, which can be used to call OKX OpenAPI.
PKCE mode
If the third-party application does not have a server or does not want the server to participate in the authorization process or not able to store the third-party app key (client_secret), then this mode is recommended to obtain token through client device access to effectively enhance the security of developer applications.
Usage of Token
Differences between tokens
After the third-party application calls the token exchange endpoint through authorization code, there will be two types of tokens.
- access token : Used for third-party apps to call OKX OpenAPI endpoint.
- refresh token : Used for obtaining a new access token when the previous one expires.
How to use
Example
curl -H "Content-Type:application/json" \
-H "Authorization:Bearer ******" \
-H "TERMID:32cf9c63-6737-4ab5-b1ab-8858ae659185" \
https://us.okx.com/api/v5/asset/currencies
After the third-party app completes the authorization and obtains the token, it will be able to call the OKX OpenAPI endpoint through the access token. When requesting, you need to carry the following information in the request header:
| Header Parameters | Required | Descriptions |
|---|---|---|
| Authorization | Yes | Fill in the access token as bearer to this field, e.g. Access token is "1234567890", then the content of the field should be "Bearer 1234567890" |
| TERMID | Conditional | This field is used to verify the validity of the request If the request is initiated by the third-party client device app (such as selecting PKCE mode), the client device should include the device ID when requesting again If the request is initiated by the third-party app server (if the authorization code mode is selected), there is no need to fill in this field |
Token validity
- access token : Valid within 1 hour
- refresh token : Valid within 3 days
If the access token expires, the endpoint will no longer be accessible. If the refresh token is still within the valid period, the third-party app needs to call the refresh token endpoint to obtain a new pair of access token and refresh token. The new access token can continue to be used.
When a new access token is retrieved via refresh token, the old access token cannot be used regardless of whether it has expired or not.
When you revoke the token, the original one will no longer be valid.
Permissions
| Permissions Scope | Descriptions |
|---|---|
| read_only | For read-only function permissions (not include sub-account modules) |
| trade | For trading function permissions (not include sub-account modules) |
Fast API
Introduction
Fast API is a feature that helps OKX users quickly authorize third-party apps, create API Keys and bind third-party apps.
After the Connect user logs in on the Connect-institute interface, he can jump to the login OKX page through Oauth authorization. After the login authorization on the OKX page, OKX will authorize the API connect to create an API Key for his user with read-only and trade permissions.
Application process
Apply for API and OAuth Connect on OKX
- It is recommended to apply for a third-party APP IP Whitelist
- It is recommended to apply for a third-party APP IP Whitelist
In the Oauth Connect application, provide
- Third-Party Servers IP Whitelist
- Redirect URL
- Logo
- Fast API permissions
- Cross Domain Name
After your application is successful, you will receive an email with client_id and client_secret. Please keep this information safe and do not show it to others.