What is WhiteBIT API?

WhiteBIT API is an automation tool that allows developers to create programs and applications to interact with our exchange. It can be used to perform such actions as creating and managing orders to buy and sell cryptocurrencies, getting information about the market, account balance, and much more.

How to use WhiteBIT API?

Before we can start using the API, we need to enable two-factor authentication (2FA) on the account.

After that, you need to generate API keys, which are used to authenticate the user and provide integration with the API.

Follow the simple instructions to activate the keys:

  • Go to API settings in your account and select "Edit" in the appropriate section;
  • After clicking "Generate API Key", enter your 2FA code;
  • In the window that appears, you will see a pair of API keys - make sure to save them, as you will need them for further authentication of operations in the API interface.


Make sure you keep your Secret Key securely stored, as it will not be recoverable once you close this page. At the same time, your Public Key is always available, and it is not a threat when shared with third parties. Unlike the Secret Key, the Public Key itself offers little opportunity for unwanted actions.

  • On the same page, you can also select the endpoints you plan to use. For API key testing purposes, it is recommended that you select all available endpoints, as you will be able to edit this selection in the future. More information about endpoints will be provided later in the article;
  • Then, confirm your actions by entering the 2FA code;
  • And there you go, your API keys are ready to use!


After creating an API key pair, it is also possible to change IP access. Using the IP address access restriction feature, you can include your own IPv4 and IPv6 addresses in the list of trusted IP addresses.

When this function is activated, if a request for API keys is sent from another IP address, the API keys are automatically deactivated. A notification will be sent to your email address with the public key and the IP address from which the request was sent.

If this IP address belongs to you and is trusted, the API can be reactivated by adding it to the list of trusted IP addresses.

You can add up to 5 addresses to the list of trusted IP addresses.

Back to the list of available endpoints to use, it is important to note that each of the categories and subcategories presented is responsible for a different group of operations for managing your exchange account. You can create and use your keys to perform operations in one or more of the following available categories:

  • Deposit
  • Withdrawal
  • Transfer between balances
  • Wallet balance and history
  • Codes
  • Trading Balance and History
  • Order Management


More detailed information about the functionality of our exchange's API can be found in the technical manual, which is presented in a simple and accessible format.

Extended documentation is also available in the public software repository on GitHub.


You can also use DEMO tokens to test the functionality of our API.

WhiteBIT Webhook

Webhook is used to receive feedback from the server about the execution of various processes on your account, such as successful withdrawal of funds or activation of a WB code.

To activate Webhook keys, you need to follow similar steps as for API keys in the Webhook settings section of your account. There are several ways of activation:

  • Adding the public key to the TXT domain record specified when creating the key;
  • Adding the file “whiteBIT-verification.txt” with the contents of your Webhook public key to the root folder of your site;
  • Creating a “check-wb-webhooks” endpoint on your server that will return the Webhook public key.


To start activating a Webhook key, you need to create it on the exchange. It should be noted that you can create only one Webhook key. To do this, follow the steps below:

  • Go to Webhook settings in your account and select “Edit” in the appropriate section;
  • As with creating API keys, be sure to save the Secret Key in a safe place. Once you close the page with the “Confirm” button, the Secret Key will no longer be available;
  • Done! Webhook keys will be created.


Note that, as with API keys, creating a Webhook key does not automatically enable it. You must move the slider to the active position to activate Webhook.

More detailed information on setting up and using Webhook can be found in the relevant section of our Webhook documentation.

What are the most common questions that come up?

What happens to API and Webhook keys when two-factor authentication (2FA)  is disabled?

  • When 2FA is turned off, your API and Webhook keys will be disabled and can only be reactivated when 2FA is turned on.


Is it possible to create and activate API and Webhook keys via the WhiteBIT mobile app?

  • Unfortunately, no. The process of creating and activating keys is available only in the web version of our exchange.


Do API keys have an expiry date and how many can be created?

  • If an API key remains inactive for 14 days, it will be automatically deactivated for security purposes. The maximum limit of keys available is 5 keys.


Can I use a random domain to test the performance of Webhook keys?

  • Our system does not allow such action. To activate Webhook key, you need to confirm ownership of the domain.


In case of any questions related to the functionality of our exchange, you can:

  • Leave a request on our website;
  • Write to the support email: support@whitebit.com;
  • Write to the chat using the button in the lower right corner of the screen (in the WhiteBIT app, go to “Account”—“Support” in the upper left corner).

Was this article helpful?

1 out of 1 found this helpful