Institution
Prices
Sign In Sign Up
Developers

Build on OSL-TRADE

Programmatic access to market data, trading and account management through a unified REST and WebSocket API. The same regulated infrastructure that powers our apps, exposed for your own products, bots and integrations.

Quick start

From zero to your first request

Public market-data endpoints need no authentication. Trading and account endpoints require a signed API key.

Create an account

Sign up and complete verification. Individual and business accounts both support API access in supported regions.

Generate API keys

From account settings, create a key pair and scope it to read-only, trade or withdrawal permissions. Store the secret securely — it is shown only once.

Call the API

Point your client at the base URL below and request live prices in a single call. Add a signature header when you are ready to trade.

Base URL

All REST requests are made over HTTPS to https://api.osl-trade.com. The current stable version is v1, so every path is prefixed with /v1. Real-time streams connect to wss://stream.osl-trade.com/v1. Full reference material lives in our developer documentation.

Reference

Core REST endpoints

A representative subset of the API surface. See the full docs for every parameter, error code and response schema.

Method Endpoint Description
GET /v1/markets List all tradable markets with status, base and quote assets, tick size and lot size.
GET /v1/ticker Latest price, 24h change, high, low and volume for one symbol or the whole board.
POST /v1/orders Place a limit or market order. Requires a signed request and trade permission.
GET /v1/account Retrieve balances, positions and account status. Requires a signed request.

WebSocket streams

For low-latency data, subscribe to real-time channels over WebSocket instead of polling. After connecting to wss://stream.osl-trade.com/v1, send a subscribe message for the ticker, trades, orderbook or orders channel and you will receive incremental updates as they happen. Private channels use the same key and signature scheme as the REST API.

Authentication

API keys & request signing

Private endpoints are protected with API keys and an HMAC signature — never a plain password.

API keys

Each key pair is a public key and a private secret. Send the public key in the OSL-API-KEY header on every private request. Keys are scoped: grant read-only access for dashboards, trade access for execution bots, and keep withdrawal permission disabled unless you truly need it. You can rotate or revoke a key at any time, and we recommend IP-allowlisting each key.

HMAC signing

Sign each private request by computing an HMAC-SHA256 of the timestamp, HTTP method, request path and body using your secret. Send the result in OSL-API-SIGN and the millisecond OSL-API-TIMESTAMP used to build it. Requests whose timestamp drifts more than a few seconds from server time are rejected, which prevents replay attacks. The secret itself never leaves your machine.

Example

Your first call

Fetch the latest BTC-USDT ticker. This public endpoint needs no signature.

curl -X GET \
  "https://api.osl-trade.com/v1/ticker?symbol=BTC-USDT"

Signed request

curl -X POST "https://api.osl-trade.com/v1/orders" \
  -H "OSL-API-KEY: your_public_key" \
  -H "OSL-API-TIMESTAMP: 1720224000000" \
  -H "OSL-API-SIGN: hmac_sha256_of_the_request" \
  -H "Content-Type: application/json" \
  -d '{"symbol":"BTC-USDT","side":"buy","type":"limit","price":"65000","size":"0.01"}'
Fair use

Rate limits

Per-key budgets

Public market-data requests share a generous per-IP budget; private endpoints are metered per API key so one integration never starves another.

Read the headers

Every response returns your remaining quota and reset time. Back off when you approach the limit rather than retrying blindly.

429 handling

If you exceed a limit you receive HTTP 429. Retry with exponential backoff, and prefer WebSocket streams over tight polling loops.

FAQ

Developer questions

Access to the API is included with your account. Standard trading and settlement fees apply to orders you place through it, exactly as they do in the apps.
The REST and WebSocket APIs are plain HTTPS and JSON, so any language works. Official helper libraries and code samples are linked from the full documentation.
Yes. A separate sandbox lets you test order placement and streaming against simulated balances before you point your integration at live markets. Request access from your account dashboard.

Start building today

Create an account, generate a scoped API key and ship your first integration against live, regulated markets.

API access is provided for informational and execution purposes only and does not constitute investment advice. Prices of virtual assets can be highly volatile and orders placed programmatically execute at prevailing market conditions. Test thoroughly in the sandbox, secure your keys, and assess your risk tolerance before trading with real funds.