NAV Navbar
NodeJS PHP

Introduction

Welcome to the Bitlocus API! You can use our API to access public data as well as your personal account.

We have language bindings in JavaScript (NodeJS) and PHP! Every API endpoint has example available on these languages.

Also check our published client libraries:

General usage

All API calls should use the base URL https://api.bitlocus.com

Public data API endpoints use GET method.

Private data API endpoints must use POST and require authentication.

Authentication

Private data API endpoints require authentication.

Authentication is made the same way as in majority other cryptocurrency exchanges. It uses nonce and message signature, which are passed as HTTP headers.

Nonce

// Nonce example
const nonce = new Date() * 1000;
// Nonce example
<?php

  $nonce = explode(' ', microtime());
  $nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

?>

A nonce is an arbitrary number used only once in a cryptographic communication. Nonce is used to ensure old communications cannot be reused in replay attacks.

We recommend time-based incremental unsigned 64 bit integer for nonce generation.

Message Signature

const crypto = require('crypto');
const qs = require('qs');
const API_SECRET = { YOUR API SECRET }

const path = '/balance';
const nonce = new Date() * 1000;
//  If no body parameters , leave it empty (const body = {})
const body = {
  asset: 'EUR', //Optional
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac
    .update(path + hash_digest, 'latin1')
    .digest('base64');
  return hmac_digest;
}
<?php

$API_SECRET = { YOUR API SECRET };

$path = '/balance';
// If no parameters, leave body empty array. $body = []
$body = array(
    'asset' => 'EUR', // Optional
);
$postdata = http_build_query($body, '', '&');

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

?>

To generate hash of message signature, HMAC is used. Please check how this is done in different languages.

HTTP headers (for POST methods)

These headers should be added to every POST call which requires authentication.

Name Description Required Schema
api-key Your api key Yes string
api-sign Signature Yes string
nonce Nonce Yes string
Content-Type 'application/x-www-form-urlencoded' Yes string

HTTP General Error Codes (for private methods)

Code Description
451 Credentials not found
452 API key is not active
453 Nonce value is not valid
454 This API key has no permission to use the endpoint
455 Forbidden. User tier level is too low

Public API endpoints

Get all available assets

/assets

const axios = require('axios');

const API_URL = 'https://api.bitlocus.com'

const url =
  API_URL + '/assets/'

axios
  .get(url)
  .then(response => {
    const result = response.data;
  })
  .catch(e => console.log(e));
<?php
$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . '/assets/'
));

$response = curl_exec($curl);

curl_close($curl);
?>

The above command returns JSON structured like this:

{
  "message": "Available assets",
  "trades": [
    {
      "short": "EUR",
      "full_name": "Euro",
      "description": "Euro currency",
      "type": "fiat",
      "decimal_places": "6"
    },
    {
      "short": "BTC",
      "full_name": "Bitcoin",
      "description": "Bitcoin cryptocurrency",
      "type": "crypto",
      "decimal_places": "8"
    }
  ]
}

This endpoint returns all available assets

HTTP Request

GET https://api.bitlocus.com/assets

Get last trades

/trade_history/{ticker}

const axios = require('axios');

const API_URL = 'https://api.bitlocus.com'
const ticker = 'BTCEUR';
const query = '?limit=50&offset=0';

const url =
  API_URL + '/trade_history/' + ticker + query

axios
  .get(url)
  .then(response => {
    const result = response.data;
  })
  .catch(e => console.log(e));
<?php
$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$ticker = 'BTCEUR';
$query = '&limit=50&offset=0'

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . '/trade_history/' . $ticker . $query
));

$response = curl_exec($curl);

curl_close($curl);
?>

The above command returns JSON structured like this:

{
  "message": "Trades of BTCEUR ticker",
  "trades": [
    {
      "id": "f46248d9-326f-405d-bfca-508e949116ad",
      "price": "5560.58",
      "quantity": "0.74821107",
      "amount": "4160.48",
      "ticker": "BTCEUR",
      "taker": "B",
      "updatedAt": "2020-12-14T01:05:07.771Z"
    },
    {
      "id": "asdf1554-326f-405d-bfca-508e949116ad",
      "price": "5570.68",
      "quantity": "0.04834522",
      "amount": "269.31",
      "ticker": "BTCEUR",
      "taker": "S",
      "updatedAt": "2020-12-14T01:05:08.771Z"
    }
  ]
}

This endpoint returns last 50 trades in exchange for ticker.

HTTP Request

GET https://api.bitlocus.com/trade_history/:ticker

Request Parameters

Name Location Description Required Schema
ticker path Ticker e.g. BTCEUR Yes string
limit query Default 50 No integer
offset query Default 0 No integer

Error Codes

Code Description
400 Bad request
404 Ticker {ticker} not found

Get best bids and asks

/order_book/{ticker}

const axios = require('axios');

const API_URL = 'https://api.bitlocus.com'
const ticker = 'BTCEUR';

const url =
  API_URL + '/order_book/' + ticker;

axios
  .get(url)
  .then(response => {
    const result = response.data;
  })
  .catch(e => console.log(e));
<?php
$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$ticker = 'BTCEUR';

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . '/order_book/' . $ticker
));

$resp = curl_exec($curl);

curl_close($curl);
?>

The above command returns JSON structured like this:

{
  "message": "Success message",
  "data": {
    "bids": [
      {
        "price": "5000",
        "quantity": "0.25"
      },
      {
        "price": "5000",
        "quantity": "0.25"
      },
      {
        "price": "5000",
        "quantity": "0.25"
      }
    ],
    "asks": [
      {
        "price": "7000",
        "quantity": "0.01"
      }
    ]
  }
}

Returns current best 100 bids and asks in exchange for ticker (bids in descending order, asks in ascending order)

HTTP Request

GET https://api.bitlocus.com/order_book/:ticker

Request Parameters

Name Location Description Required Schema
ticker path Ticker e.g. BTCEUR Yes string

Error Codes

Code Description
400 Bad request
404 Ticker {ticker} not found

Get available markets

/markets

const axios = require('axios');
const API_URL = 'https://api.bitlocus.com'
axios
  .get(API_URL + '/markets')
  .then(response => {
    const result = response.data;
  })
  .catch(e => console.log(e));
<?php
$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . '/markets'
));

$resp = curl_exec($curl);

curl_close($curl);
?>

The above command returns JSON structured like this:

{
  "message": "Available tickers",
  "tickers": [
    {
      "name": "BTCEUR",
      "base": "BTC",
      "quote": "EUR",
      "type": "spot",
      "24h_volume": "6.11834936",
      "24h_high": "7929.14",
      "24h_low": "7622.78",
      "best_bid": "7621.02",
      "best_ask": "7653.62",
      "last": "7653.62"
    },
    {
      "name": "ETHEUR",
      "base": "ETH",
      "quote": "EUR",
      "type": "spot",
      "24h_volume": "92.12407318",
      "24h_high": "175.8",
      "24h_low": "170.58",
      "best_bid": "169.29",
      "best_ask": "170.77",
      "last": "170.77"
    }
  ]
}

Returns available tickers (markets)

HTTP Request

GET https://api.bitlocus.com/markets

Private API endpoints

Get balance

/balance/{asset}

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/balance';
const nonce = new Date().getTime();
const params = {
  asset: 'EUR', // optional
};

const data = qs.stringify(params);

const signature = getSignature(path, data, API_SECRET, nonce);

const query = getQuery(params);

const options = {
  method: 'GET',
  url: `${API_URL}${path}${query}`,
  headers: {
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const { data } = response;
    console.log('RESULT', data);
  })
  .catch(e => {
    e = e.response || e;
    e = e.data || e;
    console.error(e);
  });

function getQuery(params) {
  if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
  return '';
}

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/balance';
// If no parameters, leave body empty array. $body = []
$body = array(
    'asset' => 'EUR', // Optional
);

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

$url = $API_URL . $path;

if($data)
    $url = $url . '?' . $data;

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
        'api-key: ' . $API_KEY,
        'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "User Balances",
  "balances": [
    {
      "asset": "EUR",
      "available_balance": "1520.00",
      "total_balance": "1560.00",
      "reserved": "40.00"
    },
    {
      "asset": "BTC",
      "available_balance": "1.00001500",
      "total_balance": "1.50001500",
      "reserved": "0.50000000"
    }
  ]
}

This endpoint returns user account balances for:

HTTP Request

GET https://api.bitlocus.com/balance

Request Parameters

Name Location Description Required Schema
asset query E.g EUR, BTC, ETH or other No string

Error Codes

Code Description
404 Asset {asset} not found

Place Limit Order

/add_limit_order

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/add_limit_order';
const nonce = new Date() * 1000;
// NOTE: all body parameter types must be strings
const body = {
  ticker: "BTCEUR",
  side: "buy",
  price: "5000",
  quantity: "0.25",
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
  method: 'post',
  url: API_URL + path,
  data,
  headers: {
    'Content-Type': 'application/x-www-form-urlencoded',
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const result = response.data;
  })
  .catch(e => console.log(e.response.data));

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac
    .update(path + hash_digest, 'latin1')
    .digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/add_limit_order';
$body = array(
    'ticker' => 'BTCEUR',
    'side' => 'buy',
    'price' => '4500',
    'quantity' => '0.01'
);
$postdata = http_build_query($body, '', '&');

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . $path,
    CURLOPT_POST => 1,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
      'Content-Type: application/x-www-form-urlencoded',
      'api-key: ' . $API_KEY,
      'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
    CURLOPT_POSTFIELDS => $postdata
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "Order placed successfully",
  "id": "10d486d0-2a61-11eb-8188-7b2c438dd9cf",
  "order": {
    "id": "10d486d0-2a61-11eb-8188-7b2c438dd9cf",
    "ticker": "BTCEUR",
    "side": "buy",
    "type": "limit",
    "price": "11250",
    "quantityInitial": "0.01225",
    "quantityRemaining": "0.01225",
    "status": "A"
  }
}

Place limit order

HTTP Request

POST https://api.bitlocus.com/add_limit_order

Request Parameters

Name Location Description Required Schema
ticker body E.g btceur Yes string
side body buy/sell Yes string
price body Order price Yes string
quantity body Order quantity Yes string

Possible Order Status

Satus Description
A Active - order is open.
C Cancelled - order is cancelled.
F Fulfilled - order is fully mached.

Error Codes

Code Description
400 Parameter "price" or "quantity" is not a number
403 Parameter "side" must be one of these: "buy", "sell"
404 Ticker {ticker} not found
411 Balance not enough to place and order
412 There are opposite orders of this user, trade with self is forbidden
413 Order values are lower than allowed. Min possible order value is ${min_value} ${asset}
414 Account is locked

Place Market Order

/add_market_order

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/add_market_order';
const nonce = new Date() * 1000;
// NOTE: all body parameter types must be strings
const buy_order_body = {
  ticker: "BTCEUR",
  side: "buy",
  amount: "5000",
};
const sell_order_body = {
  ticker: "BTCEUR",
  side: "sell",
  quantity: "1.25",
};
const data = qs.stringify(buy_order_body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
  method: 'post',
  url: API_URL + path,
  data,
  headers: {
    'Content-Type': 'application/x-www-form-urlencoded',
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const result = response.data;
  })
  .catch(e => console.log(e.response.data));

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac
    .update(path + hash_digest, 'latin1')
    .digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/add_market_order';

$buy_order_body = array(
    'ticker' => 'BTCEUR',
    'side' => 'buy',
    'amount' => '4500',
);

$sell_order_body = array(
    'ticker' => 'BTCEUR',
    'side' => 'sell',
    'quantity' => '1.25'
);

$postdata = http_build_query($buy_order_body, '', '&');

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . $path,
    CURLOPT_POST => 1,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
      'Content-Type: application/x-www-form-urlencoded',
      'api-key: ' . $API_KEY,
      'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
    CURLOPT_POSTFIELDS => $postdata
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

When "side" = "buy" the above command returns JSON structured like this:

{
  "id": "3ee0e2d0-3ecf-11eb-92f4-09c90baada06",
  "message": "Order executed successfully",
  "order": {
    "id": "3ee0e2d0-3ecf-11eb-92f4-09c90baada06",
    "ticker": "BTCEUR",
    "side": "buy",
    "status": "F",
    "amount": "100"
  }
}

When "side" = "sell" the above command returns JSON structured like this:

{
  "id": "233684e0-3ecf-11eb-92f4-09c90baada06",
  "message": "Order executed successfully",
  "order": {
    "id": "233684e0-3ecf-11eb-92f4-09c90baada06",
    "ticker": "BTCEUR",
    "side": "sell",
    "status": "F",
    "quantity": "0.01"
  }
}

Place market order.
Important:
When "side" = "buy", then "amount" is mandatory, and "quantity" cannot be set.
When "side" = "sell", then "quantity" is mandatory, and "amount" cannot be set.

HTTP Request

POST https://api.bitlocus.com/add_market_order

Request Parameters

Name Location Description Required Schema
ticker body E.g btceur Yes string
side body buy/sell Yes string
amount body Order amount No string
quantity body Order quantity No string

Possible Order Status

Satus Description
F Fulfilled - order is fully mached.

Error Codes

Code Description
400 Parameter "amount" or "quantity" is not a number
401 When "side" = "buy", then "amount" is mandatory
402 When "side" = "sell", then "quantity" is mandatory
403 Parameter "side" must be one of these: "buy", "sell"
404 Ticker {ticker} not found
411 Balance not enough to place and order
412 There are opposite orders of this user, trade with self is forbidden
413 Order values are lower than allowed. Min possible order value is ${min_value} ${asset}
414 Account is locked
415 Market order quantity is too low
416 Not enough orders (liquidity) to fill market order

Cancel Order

/cancel

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/cancel';
const nonce = new Date() * 1000;
const body = {
  id: "f18cde40-3ff1-11e9-9dca-c5201463d22f",
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
  method: 'post',
  url: API_URL + path,
  data,
  headers: {
    'Content-Type': 'application/x-www-form-urlencoded',
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const result = response.data;

  })
  .catch(e => console.log(e.response.data));

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac
    .update(path + hash_digest, 'latin1')
    .digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/cancel';
$body = array(
    'id' => "f18cde40-3ff1-11e9-9dca-c5201463d22f"
);
$postdata = http_build_query($body, '', '&');

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . $path,
    CURLOPT_POST => 1,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
      'Content-Type: application/x-www-form-urlencoded',
      'api-key: ' . $API_KEY,
      'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
    CURLOPT_POSTFIELDS => $postdata
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "Success message",
  "order": {
    "id": "10d486d0-2a61-11eb-8188-7b2c438dd9cf",
    "ticker": "BTCEUR",
    "side": "buy",
    "type": "limit",
    "price": "11250",
    "quantityInitial": "0.01225",
    "quantityRemaining": "0.01225",
    "status": "C",
    "createdAt": "2020-12-14T09:21:21.569Z"
  }
}

Cancel order

HTTP Request

POST https://api.bitlocus.com/cancel

Request Parameters

Name Location Description Required Schema
id body Order id Yes string

Possible Order Status

Satus Description
C Cancelled - order is cancelled.

Error Codes

Code Description
400 Wrong "id" is given
404 Order not found
409 Open order not found

Cancel All Orders

/cancel_all_orders

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/cancel_all_orders';
const nonce = new Date() * 1000;
const body = {
  ticker: "BTCEUR",
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
  method: 'post',
  url: API_URL + path,
  data,
  headers: {
    'Content-Type': 'application/x-www-form-urlencoded',
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const result = response.data;

  })
  .catch(e => console.log(e.response.data));

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac
    .update(path + hash_digest, 'latin1')
    .digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/cancel_all_orders';
$body = array(
    'ticker' => "BTCEUR"
);
$postdata = http_build_query($body, '', '&');

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $API_URL . $path,
    CURLOPT_POST => 1,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
      'Content-Type: application/x-www-form-urlencoded',
      'api-key: ' . $API_KEY,
      'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
    CURLOPT_POSTFIELDS => $postdata
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "Success message"
}

Cancel all orders

HTTP Request

POST https://api.bitlocus.com/cancel_all_orders

Request Parameters

Name Location Description Required Schema
ticker body Ticker name Yes string

Error Codes

Code Description
404 Ticker {ticker} not found

Order info

/order_info

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/order_info';

const params = {
  id: 'cdb0d1f0-3ea7-11eb-92f4-09c90baada06', // required
};

const data = qs.stringify(params);

const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);

const query = getQuery(params);

const options = {
  method: 'GET',
  url: `${API_URL}${path}${query}`,
  headers: {
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const { data } = response;
    console.log('RESULT', data);
  })
  .catch(e => {
    e = e.response || e;
    e = e.data || e;
    console.error(e);
  });

function getQuery(params) {
  if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
  return '';
}

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/order_info';
$body = array(
    'id' => 'cdb0d1f0-3ea7-11eb-92f4-09c90baada06', // required
);

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

$url = $API_URL . $path;

if($data)
    $url = $url . '?' . $data;

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
      'api-key: ' . $API_KEY,
      'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "Order info",
  "order": {
    "id": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
    "ticker": "BTCEUR",
    "type": "limit",
    "side": "buy",
    "price": "16000",
    "quantityInitial": "0.1",
    "quantityRemaining": "0.06",
    "status": "A",
    "createdAt": "2020-12-15T07:33:19.631Z",
    "trades": [
      {
        "id": "cdc1e8f0-3ea7-11eb-92f4-09c90baada06",
        "orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
        "ticker": "BTCEUR",
        "side": "buy",
        "quantity": "0.03",
        "price": "15550",
        "amount": "466.5",
        "appliedFee": "0.004",
        "chargedFee": "1.86",
        "takerOrMaker": "taker",
        "createdAt": "2020-12-15T07:33:19.890Z"
      },
      {
        "id": "cdbba760-3ea7-11eb-92f4-09c90baada06",
        "orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
        "ticker": "BTCEUR",
        "side": "buy",
        "quantity": "0.01",
        "price": "15000",
        "amount": "150",
        "appliedFee": "0.004",
        "chargedFee": "0.6",
        "takerOrMaker": "taker",
        "createdAt": "2020-12-15T07:33:19.742Z"
      }
    ]
  }
}

Returns data for particular order.

HTTP Request

GET https://api.bitlocus.com/order_info

Request Parameters

Name Location Description Required Schema
id query Order id Yes string

Possible Order Status

Satus Description
A Active - order is open.
C Cancelled - order is cancelled.
F Fulfilled - order is fully mached.

Error Codes

Code Description
400 Wrong "id" is given
404 Order not found

Open orders

/open_orders

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/open_orders';

const params = {
  ticker: 'btceur', // optional
  limit: 10, // optional
  offset: 0, // optional
};

const data = qs.stringify(params);

const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);

const query = getQuery(params);

const options = {
  method: 'GET',
  url: `${API_URL}${path}${query}`,
  headers: {
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const { data } = response;
    console.log('RESULT', data);
  })
  .catch(e => {
    e = e.response || e;
    e = e.data || e;
    console.error(e);
  });

function getQuery(params) {
  if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
  return '';
}

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/open_orders';

// If no parameters, leave body empty array. $body = []
$body = array(
    'ticker' => 'btceur', // optional
    'limit' => 100, // optional
    'offset' => 0, // optional
);

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

$url = $API_URL . $path;

if($data)
    $url = $url . '?' . $data;

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
      'api-key: ' . $API_KEY,
      'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "Open orders",
  "orders": {
    "count": 2,
    "rows": [
      {
        "id": "4fe99cb0-3ea8-11eb-92f4-09c90baada06",
        "ticker": "BTCEUR",
        "side": "buy",
        "type": "limit",
        "price": "14000",
        "quantityInitial": "0.0256",
        "quantityRemaining": "0.0256",
        "status": "A",
        "createdAt": "2020-12-15T07:36:58.107Z",
        "trades": []
      },
      {
        "id": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
        "ticker": "BTCEUR",
        "side": "buy",
        "type": "limit",
        "price": "16000",
        "quantityInitial": "0.1",
        "quantityRemaining": "0.06",
        "status": "A",
        "createdAt": "2020-12-15T07:33:19.631Z",
        "trades": [
          {
            "id": "cdc1e8f0-3ea7-11eb-92f4-09c90baada06",
            "orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
            "ticker": "BTCEUR",
            "side": "buy",
            "quantity": "0.03",
            "price": "15550",
            "amount": "466.5",
            "appliedFee": "0.004",
            "chargedFee": "1.86",
            "takerOrMaker": "taker",
            "createdAt": "2020-12-15T07:33:19.890Z"
          },
          {
            "id": "cdbba760-3ea7-11eb-92f4-09c90baada06",
            "orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
            "ticker": "BTCEUR",
            "side": "buy",
            "quantity": "0.01",
            "price": "15000",
            "amount": "150",
            "appliedFee": "0.004",
            "chargedFee": "0.6",
            "takerOrMaker": "taker",
            "createdAt": "2020-12-15T07:33:19.742Z"
          }
        ]
      }
    ]
  }
}

Returns open (active) orders for user.

HTTP Request

GET https://api.bitlocus.com/open_orders

Request Parameters

Name Location Description Required Schema
limit query Default 100 no integer
offset query Defualt 0 no integer
ticker query E.g. BTCEUR no string

Possible Order Status

Satus Description
A Active - order is open.
C Cancelled - order is cancelled.
F Fulfilled - order is fully mached.

Error Codes

Code Description
404 Ticker {ticker} not found

User Trades

/user_trades

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/user_trades';

const params = {
  ticker: 'btceur', // required
  limit: 50, // optional
  offset: 0, // optional
};

const data = qs.stringify(params);

const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);

const query = getQuery(params);

const options = {
  method: 'GET',
  url: `${API_URL}${path}${query}`,
  headers: {
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const { data } = response;
    console.log('RESULT', data);
  })
  .catch(e => {
    e = e.response || e;
    e = e.data || e;
    console.error(e);
  });

function getQuery(params) {
  if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
  return '';
}

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/user_trades';

$body = array(
    'ticker' => 'btceur', // required
    'limit' => 50, // optional
    'offset' => 0, // optional
);

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

$url = $API_URL . $path;

if($data)
    $url = $url . '?' . $data;

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
      'api-key: ' . $API_KEY,
      'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "User trades",
  "trades": {
    "count": 215,
    "rows": [
      {
        "tradeId": "cdc1e8f0-3ea7-11eb-92f4-09c90baada06",
        "orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
        "ticker": "BTCEUR",
        "side": "buy",
        "takerOrMaker": "taker",
        "quantity": "0.03",
        "price": "15550",
        "amount": "466.5",
        "appliedFee": "0.002",
        "chargedFee": "1.86",
        "createdAt": "2020-12-15T07:33:19.890Z"
      },
      {
        "tradeId": "cdbba760-3ea7-11eb-92f4-09c90baada06",
        "orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
        "ticker": "BTCEUR",
        "side": "buy",
        "takerOrMaker": "taker",
        "quantity": "0.01",
        "price": "15000",
        "amount": "150",
        "appliedFee": "0.002",
        "chargedFee": "0.6",
        "createdAt": "2020-12-15T07:33:19.742Z"
      },
      {
        "tradeId": "f69974b0-3e06-11eb-92f4-09c90baada06",
        "orderId": "f691d390-3e06-11eb-92f4-09c90baada06",
        "ticker": "BTCEUR",
        "side": "buy",
        "takerOrMaker": "taker",
        "quantity": "0.0014",
        "price": "5000",
        "amount": "7",
        "appliedFee": "0.004",
        "chargedFee": "0.02",
        "createdAt": "2020-12-14T12:21:59.324Z"
      }
    ]
  }
}

Returns last 50 trades for user.

HTTP Request

GET https://api.bitlocus.com/user_trades

Request Parameters

Name Location Description Required Schema
ticker query Ticker e.g "BTCEUR" yes string
limit query Default 50 no integer
offset query Defualt 0 no integer

Error Codes

Code Description
400 Bad request
404 Ticker {ticker} not found

User Payments

/payments

const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');

const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }

const path = '/payments';

const params = {
  asset: 'eur', // optional
  limit: 50, // optional
  offset: 0, // optional
};

const data = qs.stringify(params);

const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);

const query = getQuery(params);

const options = {
  method: 'GET',
  url: `${API_URL}${path}${query}`,
  headers: {
    'api-key': API_KEY,
    'api-sign': signature,
    nonce,
  },
};

axios(options)
  .then(response => {
    const { data } = response;
    console.log('RESULT', data);
  })
  .catch(e => {
    e = e.response || e;
    e = e.data || e;
    console.error(e);
  });

function getQuery(params) {
  if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
  return '';
}

function getSignature(path, data, secret, nonce) {
  const secret_buffer = new Buffer.from(secret, 'base64');
  const hash = new crypto.createHash('sha256');
  const hmac = new crypto.createHmac('sha512', secret_buffer);
  const hash_digest = hash.update(nonce + data).digest('latin1');
  const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
  return hmac_digest;
}
<?php

$curl = curl_init();

$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };

$path = '/payments';

$body = array(
    'asset' => 'eur', // optional
    'limit' => 50, // optional
    'offset' => 0, // optional
);

$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');

$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);

$url = $API_URL . $path;

if($data)
    $url = $url . '?' . $data;

curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => array(
        'api-key: ' . $API_KEY,
        'api-sign: ' . $signature,
        'nonce: ' . $nonce
    ),
));

$response = curl_exec($curl);

curl_close($curl);

print_r($response);
?>

The above command returns JSON structured like this:

{
  "message": "User payments",
  "payments": {
    "count": 64,
    "rows": [
      {
        "id": "9cfcd7e0-2da2-11eb-b168-7b64786458a7",
        "type": "deposit",
        "asset": "EUR",
        "amount": "56",
        "fee": "2.46",
        "createdAt": "2020-11-23T15:43:20.671Z"
      },
      {
        "id": "4fd5fc60-1521-11eb-9af3-5f9f6791b30f",
        "type": "deposit",
        "asset": "EUR",
        "amount": "56",
        "fee": "2.46",
        "createdAt": "2020-10-23T11:17:18.246Z"
      },
      {
        "id": "161879c0-5fba-11ea-bbbd-71a665eb6aae",
        "type": "withdrawal",
        "asset": "BTC",
        "amount": "0.01367824",
        "fee": "0.0005",
        "createdAt": "2020-03-06T14:52:22.748Z"
      },
      {
        "id": "ffb74210-5fb9-11ea-bbbd-71a665eb6aae",
        "type": "withdrawal",
        "asset": "BTC",
        "amount": "0.01372879",
        "fee": "0.0005",
        "createdAt": "2020-03-06T14:51:45.201Z"
      }
    ]
  }
}

Returns user payments

HTTP Request

GET https://api.bitlocus.com/payments

Request Parameters

Name Location Description Required Schema
asset query Asset e.g 'EUR', 'BTC' no string
limit query Default 50 no integer
offset query Default 0 no integer

Error Codes

Code Description
400 Bad request
404 Asset {asset} not found