API Key Security and Troubleshooting Checklist
Check everything at once: minimizing trading permissions, IP whitelist, API passphrase verification, and reconnection upon key changes. Investing just 10 minutes before live trading can significantly reduce risks.
1 Permission & Network Restrictions
The most important thing when issuing an API key from an exchange is 'Separation of Permissions'. You must enable only the trading permissions necessary for auto-trading and strictly disable withdrawal permissions to prevent asset theft.
- IP Whitelist Registration:
43.202.226.64 - Verify normal operation via paper trading or small orders immediately after key issuance.
2 Key Lifecycle & Storage
Some exchanges (OKX, Bitget, etc.) require a user-set api passphrase in addition to the API key. If lost or entered incorrectly in AlertWays, orders will not be executed.
- If you changed your key for security, you must re-register it in the AlertWays dashboard.
- If you suspect your key has been exposed, revoke it immediately on the exchange and reissue a new one.
3 Monitoring & Alerts
Don't relax just because the setup is done. Order History DashboardYou should frequently check if orders are being successfully filled via the
- Re-verify Webhook URL and JSON token accuracy if alerts are missed.
- If unexplained failures persist, try issuing a new API key and reconnecting.
"Security can never be too excessive. If the check is complete, start auto-trading safely now."