Create API key

curl --request POST \
  --url https://relay.bayse.markets/v1/user/me/api-keys \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>"
}
'

{
  "id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
  "name": "Trading bot",
  "publicKey": "pk_live_abcdef123456",
  "secretKey": "sk_live_secret789xyz",
  "signingInstructions": {
    "algorithm": "HMAC-SHA256",
    "headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
    "payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
    "timestampWindowSeconds": 300
  },
  "createdAt": "2026-02-17T10:30:00Z"
}

POST

user

api-keys

Create API key

curl --request POST \
  --url https://relay.bayse.markets/v1/user/me/api-keys \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>"
}
'

{
  "id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
  "name": "Trading bot",
  "publicKey": "pk_live_abcdef123456",
  "secretKey": "sk_live_secret789xyz",
  "signingInstructions": {
    "algorithm": "HMAC-SHA256",
    "headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
    "payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
    "timestampWindowSeconds": 300
  },
  "createdAt": "2026-02-17T10:30:00Z"
}

Authentication

Requires x-auth-token and x-device-id headers. Obtain these by calling the login endpoint with your Bayse account credentials.

You can also create API keys in the Bayse web app at app.bayse.markets/settings/api-keys, or in the web app, via More > Account Settings > API Keys in the Developer Tool section. Use this endpoint when you want to create keys programmatically.

Request body

name

string

required

A descriptive label for this key (e.g. "Production", "Trading bot"). Each API key must have a unique name in your account.

Example request

curl -X POST https://relay.bayse.markets/v1/user/me/api-keys \
  -H "x-auth-token: YOUR_AUTH_TOKEN" \
  -H "x-device-id: YOUR_DEVICE_ID" \
  -H "Content-Type: application/json" \
  -d '{"name": "Trading bot"}'

Response

string

Unique identifier for this API key.

name

string

The name you provided.

publicKey

string

Public key (pk_*) — include this in the X-Public-Key header on all authenticated requests.

secretKey

string

Secret key (sk_*) — use this to generate HMAC signatures. Only returned on creation.

signingInstructions

object

Instructions for generating valid request signatures.

Show signingInstructions fields

algorithm

string

Signing algorithm — "HMAC-SHA256".

headers

array

Headers required for write authentication.

payloadFormat

string

Format of the value to sign — "{timestamp}.{method}.{path}.{bodyHash}".

timestampWindowSeconds

integer

Maximum age of a timestamp before the signature is rejected.

createdAt

string

ISO 8601 creation timestamp.

{
  "id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
  "name": "Trading bot",
  "publicKey": "pk_live_abcdef123456",
  "secretKey": "sk_live_secret789xyz",
  "signingInstructions": {
    "algorithm": "HMAC-SHA256",
    "headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
    "payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
    "timestampWindowSeconds": 300
  },
  "createdAt": "2026-02-17T10:30:00Z"
}

The secretKey is only shown once. Store it securely — it cannot be retrieved again. If lost, rotate the key to generate a new one.

Documentation Index

​Authentication

​Request body

​Example request

​Response

Authentication

Request body

Example request

Response