Launch Web Trader
Close
Contacts

USA, New York - 1060
Str. First Avenue 1

800 100 975 20 34
+ (123) 1800-234-5678

neuros@mail.co

Launch Web Trader
Launch Web Trader
View Categories

8.7 Updating or Rotating API Keys

2 min read

Regularly updating your API keys is a security best practice. This section covers when and how to rotate keys safely.

When to Update API Keys #

Security best practice:

  • Rotate keys quarterly as a preventive measure.

After any security concern:

  • Suspected key leak or compromise
  • Unusual API activity detected
  • Computer or device potentially compromised

Permission changes:

  • When modifying API permissions on the broker side.

Account changes:

  • After password resets or security updates on your exchange account.

Update Process #

Follow these steps to rotate your API keys without interrupting your trading:

Step 1: Generate New Keys on Broker Platform

  1. Log into your exchange account.
  2. Navigate to API Management.
  3. Create a new API key with the same permissions as the old key.
  4. Keep the old key active during transition to avoid downtime.

Step 2: Update in Flows.Trading

  1. Navigate to Settings → Brokers.
  2. Select the broker you want to update.
  3. Replace old credentials with new ones (paste new API Key and Secret).
  4. Click Update or Save.

Step 3: Test Connection

  1. Verify the connection is successful.
  2. Check account balance displays correctly.
  3. Place a small test order to confirm functionality.

Step 4: Deactivate Old Keys

  1. Once new keys are confirmed working, log back into your exchange.
  2. Navigate to API Management.
  3. Delete or disable the old API key.
  4. Verify the connection in Flows.Trading remains stable.

Rotation Best Practices #

Off-Hours Updates:

  • Perform key rotations during low trading activity (e.g., weekends, late nights).
  • Avoid rotating keys during volatile market conditions or when you have open positions.

Test Thoroughly:

  • Always verify all functionality before market hours.
  • Check order placement, modification, and cancellation.

Document Changes:

  • Keep a record of key rotation dates for future reference.
  • Note which keys are active and when they were last updated.

Monitor Performance:

  • Watch for any connection issues post-update.
  • Check API logs on your exchange for successful connections.

■ Try it now: If you’ve had your API key connected for a while, practice rotating it following the steps above. This ensures you’re familiar with the process before it becomes urgent.

What are your Feelings