Rotate API key
curl --request POST \
--url https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotateimport requests
url = "https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate"
response = requests.post(url)
print(response.text)const options = {method: 'POST'};
fetch('https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate"
req, _ := http.NewRequest("POST", url, nil)
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate")
.asString();require 'uri'
require 'net/http'
url = URI("https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
response = http.request(request)
puts response.read_body{
"id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
"name": "Trading bot",
"publicKey": "pk_live_abcdef123456",
"secretKey": "sk_live_newsecret456def",
"signingInstructions": {
"algorithm": "HMAC-SHA256",
"headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
"payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
"timestampWindowSeconds": 300
}
}
User
Rotate API key
Generate a new secret key while keeping the same key ID
POST
/
v1
/
user
/
me
/
api-keys
/
{keyId}
/
rotate
Rotate API key
curl --request POST \
--url https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotateimport requests
url = "https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate"
response = requests.post(url)
print(response.text)const options = {method: 'POST'};
fetch('https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate"
req, _ := http.NewRequest("POST", url, nil)
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate")
.asString();require 'uri'
require 'net/http'
url = URI("https://relay.bayse.markets/v1/user/me/api-keys/{keyId}/rotate")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
response = http.request(request)
puts response.read_body{
"id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
"name": "Trading bot",
"publicKey": "pk_live_abcdef123456",
"secretKey": "sk_live_newsecret456def",
"signingInstructions": {
"algorithm": "HMAC-SHA256",
"headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
"payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
"timestampWindowSeconds": 300
}
}
Authentication
Requiresx-auth-token and x-device-id headers. Obtain these by calling the login endpoint.
Path parameters
The ID of the API key to rotate.
Example request
curl -X POST \
https://relay.bayse.markets/v1/user/me/api-keys/3f7a1b2c-d4e5-6789-abcd-ef0123456789/rotate \
-H "x-auth-token: YOUR_AUTH_TOKEN" \
-H "x-device-id: YOUR_DEVICE_ID"
const response = await fetch(
'https://relay.bayse.markets/v1/user/me/api-keys/3f7a1b2c-d4e5-6789-abcd-ef0123456789/rotate',
{
method: 'POST',
headers: {
'x-auth-token': 'YOUR_AUTH_TOKEN',
'x-device-id': 'YOUR_DEVICE_ID',
},
}
);
const { publicKey, secretKey } = await response.json();
import requests
resp = requests.post(
'https://relay.bayse.markets/v1/user/me/api-keys/3f7a1b2c-d4e5-6789-abcd-ef0123456789/rotate',
headers={
'x-auth-token': 'YOUR_AUTH_TOKEN',
'x-device-id': 'YOUR_DEVICE_ID',
},
)
data = resp.json()
req, _ := http.NewRequest(
"POST",
"https://relay.bayse.markets/v1/user/me/api-keys/3f7a1b2c-d4e5-6789-abcd-ef0123456789/rotate",
nil,
)
req.Header.Set("x-auth-token", "YOUR_AUTH_TOKEN")
req.Header.Set("x-device-id", "YOUR_DEVICE_ID")
resp, _ := http.DefaultClient.Do(req)
Response
The same key ID as before.
The key’s label.
The public key — unchanged from before rotation.
A new secret key. Only returned once.
Updated signing instructions.
{
"id": "3f7a1b2c-d4e5-6789-abcd-ef0123456789",
"name": "Trading bot",
"publicKey": "pk_live_abcdef123456",
"secretKey": "sk_live_newsecret456def",
"signingInstructions": {
"algorithm": "HMAC-SHA256",
"headers": ["X-Public-Key", "X-Timestamp", "X-Signature"],
"payloadFormat": "{timestamp}.{method}.{path}.{bodyHash}",
"timestampWindowSeconds": 300
}
}
The old secret key stops working immediately upon rotation. Update all services using this key before rotating.
⌘I