API v2 - https://cryptxc.com/api/v2/

Public/Private API

CryptXC's API v2 includes both a public API and private API. Below outlines which API requires to use.

Public APIPrivate API
No Authentication RequiredAuthentication Required
Unlimited6000 Requests/5 Minutes.
Ready to useYou require an access/secret key first before use.


To use the Private API, you need to request your access/secret key first. After you have signed up and verified your account, please visit API Tokens Page to request your keys.

All Private API functions require 3 authentication parameters and zero or more API specific parameters. The 3 authentication parameters are:

access_keyYour access key.
toncetonce is a timestamp in integer, it stands for milliseconds elapsed since Unix Epoch. Tonce must be within 30 seconds of server's current time. Each tonce can only be used once.
signatureSignature of the API request which is generated by you, use your secret key.

Signature is a hash of the request (in canonical string form):

hash = HMAC-SHA256(payload, secret_key).to_hex

Payload is a combination of HTTP verb, uri, and query string:

# canonical_verb is HTTP verb like GET/POST in upcase.
# canonical_uri is request path like /api/v2/markets.
# canonical_query is the request query sorted in alphabetica order, including access_key and tonce, e.g. access_key=xxx&foo=bar&tonce=123456789
# The combined string looks like: GET|/api/v2/markets|access_key=xxx&foo=bar&tonce=123456789
def payload

Note: query parameters are sorted in payload, so it must be "access_key=xxx&foo=bar" not "foo=bar&&access_key=xxx".

Suppose my secret key is 'yyy', then the result of HMAC-SHA256 of above payload is:

hash = HMAC-SHA256('GET|/api/v2/markets|access_key=xxx&foo=bar&tonce=123456789', 'yyy').to_hex
     = 'e324059be4491ed8e528aa7b8735af1e96547fbec96db962d51feb7bf1b64dee'

Now we hav a signed request which can be used like this:

curl -X GET 'https://cryptxc.com/api/v2/markets?access_key=xxx&foo=bar&tonce=123456789&signature=e324059be4491ed8e528aa7b8735af1e96547fbec96db962d51feb7bf1b64dee'

Response Format

Corresponding HTTP status code will be used in an API response. CryptXC will also return a JSON structure including error details on failed request, for example:

{"error":{"code":1001,"message":"market does not have a valid value"}}

All errors follow the message format above, the only things that change are the code or message. "code" is a CryptXC defined error code which indicates the error's category, "message" is human-readable details.

CryptXC will return HTTP 200 response on a successful request, with requested data in JSON format.

Data TypeExampleComments
{"at":1476434446, "ticker":{"buy":"880.33.0","sell":"936.75","low":"876.44","high":"933.33","last":"890.01","vol":"11.11"}}

at:Timestamp / Seconds since Epoch

buy/sell:Current buy/sell price

low/high:Lowest/highest price in last 24 hours

last:Last price

vol:Trade volume in last 24 hours


sn:Unique identifier of user

name:User name

email:User email

activated:Whether user is activated

accounts:User's accounts info, see Account


currency:Currency Type

balance:Account balance, excludes locked funds

locked:Locked funds (on orders etc)


id:Unique Order ID


price:Order Price

avg_price:Average trade price

state:wait, done or cancel. 'wait' represents the order is active, it may be a new order or partial complete order; 'done' means the order has been fulfilled completely; 'cancel' means the order has been cancelled.

market:Market order belongs to

created_at:Order creation time

volume:Volume to buy/sell

remaining_volume:remaining_volume is always less or equal than volume

executed_volume:volume = remaining_volume + executed_volume

trades:The order's trade history, see Trade. Note: not all order include trades, only detailed order data returned by certain API will.


id:Unique ID

price:Trade price


market:The market trade belongs to

created_at:creation time

{"asks": [...],"bids": [...]}

OrderBook shows all orders on market.


Buy 1 LTC at price 0.00388966 BTC:

curl -X POST 'https://cryptxc.com/api/v2/orders' -d 'access_key=your_access_key&tonce=1234567&signature=computed_signature&market=ltc&price=0.00388966&side=buy&volume=1'

Create multiple orders with a single request:

curl -X POST 'https://cryptxc.com/api/v2/orders/multi' -d 'access_key=your_access_key&tonce=123456789&signature=computed_signature&market=ltcbtc&orders[][price]=0.00388966&orders[][side]=sell&orders[][volume]=0.5&orders[][price]=0.00388966&orders[][side]=sell&orders[][volume]=0.99'


POST /api/v2/order/deleteCancel order is an asynchronous operation. A success response only means your cancel request has been accepted, it doesn't mean the order has been cancelled. You should always use /api/v2/order or websocket api to get order's latest state.
POST /api/v2/orders/clearCancel all your orders is an asynchronous operation. A success response only means your request has been accepted. The orders in response may or may not have been cancelled yet.


API List

All API's are listed below with details. Those that require access_key/tonce/signature are Private API's.