Introduction
Welcome to the Bitlocus API! You can use our API to access public data as well as your personal account.
We have language bindings in JavaScript (NodeJS) and PHP! Every API endpoint has example available on these languages.
Also check our published client libraries:
- NodeJS
- PHP
General usage
All API calls should use the base URL https://api.bitlocus.com
Public data API endpoints use GET method.
Private data API endpoints must use POST and require authentication.
Authentication
Private data API endpoints require authentication.
Authentication is made the same way as in majority other cryptocurrency exchanges. It uses nonce and message signature, which are passed as HTTP headers.
Nonce
// Nonce example
const nonce = new Date() * 1000;
// Nonce example
<?php
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
?>
A nonce is an arbitrary number used only once in a cryptographic communication. Nonce is used to ensure old communications cannot be reused in replay attacks.
We recommend time-based incremental unsigned 64 bit integer for nonce generation.
Message Signature
const crypto = require('crypto');
const qs = require('qs');
const API_SECRET = { YOUR API SECRET }
const path = '/balance';
const nonce = new Date() * 1000;
// If no body parameters , leave it empty (const body = {})
const body = {
asset: 'EUR', //Optional
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac
.update(path + hash_digest, 'latin1')
.digest('base64');
return hmac_digest;
}
<?php
$API_SECRET = { YOUR API SECRET };
$path = '/balance';
// If no parameters, leave body empty array. $body = []
$body = array(
'asset' => 'EUR', // Optional
);
$postdata = http_build_query($body, '', '&');
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
?>
To generate hash of message signature, HMAC is used. Please check how this is done in different languages.
HTTP headers (for POST methods)
These headers should be added to every POST call which requires authentication.
| Name | Description | Required | Schema |
|---|---|---|---|
| api-key | Your api key | Yes | string |
| api-sign | Signature | Yes | string |
| nonce | Nonce | Yes | string |
| Content-Type | 'application/x-www-form-urlencoded' | Yes | string |
HTTP General Error Codes (for private methods)
| Code | Description |
|---|---|
| 451 | Credentials not found |
| 452 | API key is not active |
| 453 | Nonce value is not valid |
| 454 | This API key has no permission to use the endpoint |
| 455 | Forbidden. User tier level is too low |
Public API endpoints
Get all available assets
/assets
const axios = require('axios');
const API_URL = 'https://api.bitlocus.com'
const url =
API_URL + '/assets/'
axios
.get(url)
.then(response => {
const result = response.data;
})
.catch(e => console.log(e));
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . '/assets/'
));
$response = curl_exec($curl);
curl_close($curl);
?>
The above command returns JSON structured like this:
{
"message": "Available assets",
"trades": [
{
"short": "EUR",
"full_name": "Euro",
"description": "Euro currency",
"type": "fiat",
"decimal_places": "6"
},
{
"short": "BTC",
"full_name": "Bitcoin",
"description": "Bitcoin cryptocurrency",
"type": "crypto",
"decimal_places": "8"
}
]
}
This endpoint returns all available assets
HTTP Request
GET https://api.bitlocus.com/assets
Get last trades
/trade_history/{ticker}
const axios = require('axios');
const API_URL = 'https://api.bitlocus.com'
const ticker = 'BTCEUR';
const query = '?limit=50&offset=0';
const url =
API_URL + '/trade_history/' + ticker + query
axios
.get(url)
.then(response => {
const result = response.data;
})
.catch(e => console.log(e));
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$ticker = 'BTCEUR';
$query = '&limit=50&offset=0'
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . '/trade_history/' . $ticker . $query
));
$response = curl_exec($curl);
curl_close($curl);
?>
The above command returns JSON structured like this:
{
"message": "Trades of BTCEUR ticker",
"trades": [
{
"id": "f46248d9-326f-405d-bfca-508e949116ad",
"price": "5560.58",
"quantity": "0.74821107",
"amount": "4160.48",
"ticker": "BTCEUR",
"taker": "B",
"updatedAt": "2020-12-14T01:05:07.771Z"
},
{
"id": "asdf1554-326f-405d-bfca-508e949116ad",
"price": "5570.68",
"quantity": "0.04834522",
"amount": "269.31",
"ticker": "BTCEUR",
"taker": "S",
"updatedAt": "2020-12-14T01:05:08.771Z"
}
]
}
This endpoint returns last 50 trades in exchange for ticker.
HTTP Request
GET https://api.bitlocus.com/trade_history/:ticker
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| ticker | path | Ticker e.g. BTCEUR | Yes | string |
| limit | query | Default 50 | No | integer |
| offset | query | Default 0 | No | integer |
Error Codes
| Code | Description |
|---|---|
| 400 | Bad request |
| 404 | Ticker {ticker} not found |
Get best bids and asks
/order_book/{ticker}
const axios = require('axios');
const API_URL = 'https://api.bitlocus.com'
const ticker = 'BTCEUR';
const url =
API_URL + '/order_book/' + ticker;
axios
.get(url)
.then(response => {
const result = response.data;
})
.catch(e => console.log(e));
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$ticker = 'BTCEUR';
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . '/order_book/' . $ticker
));
$resp = curl_exec($curl);
curl_close($curl);
?>
The above command returns JSON structured like this:
{
"message": "Success message",
"data": {
"bids": [
{
"price": "5000",
"quantity": "0.25"
},
{
"price": "5000",
"quantity": "0.25"
},
{
"price": "5000",
"quantity": "0.25"
}
],
"asks": [
{
"price": "7000",
"quantity": "0.01"
}
]
}
}
Returns current best 100 bids and asks in exchange for ticker (bids in descending order, asks in ascending order)
HTTP Request
GET https://api.bitlocus.com/order_book/:ticker
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| ticker | path | Ticker e.g. BTCEUR | Yes | string |
Error Codes
| Code | Description |
|---|---|
| 400 | Bad request |
| 404 | Ticker {ticker} not found |
Get available markets
/markets
const axios = require('axios');
const API_URL = 'https://api.bitlocus.com'
axios
.get(API_URL + '/markets')
.then(response => {
const result = response.data;
})
.catch(e => console.log(e));
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . '/markets'
));
$resp = curl_exec($curl);
curl_close($curl);
?>
The above command returns JSON structured like this:
{
"message": "Available tickers",
"tickers": [
{
"name": "BTCEUR",
"base": "BTC",
"quote": "EUR",
"type": "spot",
"24h_volume": "6.11834936",
"24h_high": "7929.14",
"24h_low": "7622.78",
"best_bid": "7621.02",
"best_ask": "7653.62",
"last": "7653.62"
},
{
"name": "ETHEUR",
"base": "ETH",
"quote": "EUR",
"type": "spot",
"24h_volume": "92.12407318",
"24h_high": "175.8",
"24h_low": "170.58",
"best_bid": "169.29",
"best_ask": "170.77",
"last": "170.77"
}
]
}
Returns available tickers (markets)
HTTP Request
GET https://api.bitlocus.com/markets
Private API endpoints
Get balance
/balance/{asset}
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/balance';
const nonce = new Date().getTime();
const params = {
asset: 'EUR', // optional
};
const data = qs.stringify(params);
const signature = getSignature(path, data, API_SECRET, nonce);
const query = getQuery(params);
const options = {
method: 'GET',
url: `${API_URL}${path}${query}`,
headers: {
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const { data } = response;
console.log('RESULT', data);
})
.catch(e => {
e = e.response || e;
e = e.data || e;
console.error(e);
});
function getQuery(params) {
if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
return '';
}
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/balance';
// If no parameters, leave body empty array. $body = []
$body = array(
'asset' => 'EUR', // Optional
);
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
$url = $API_URL . $path;
if($data)
$url = $url . '?' . $data;
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "User Balances",
"balances": [
{
"asset": "EUR",
"available_balance": "1520.00",
"total_balance": "1560.00",
"reserved": "40.00"
},
{
"asset": "BTC",
"available_balance": "1.00001500",
"total_balance": "1.50001500",
"reserved": "0.50000000"
}
]
}
This endpoint returns user account balances for:
- particular asset, if parameter
assetis given - all of the supported assets, if parameter
assetis skipped
HTTP Request
GET https://api.bitlocus.com/balance
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| asset | query | E.g EUR, BTC, ETH or other | No | string |
Error Codes
| Code | Description |
|---|---|
| 404 | Asset {asset} not found |
Place Limit Order
/add_limit_order
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/add_limit_order';
const nonce = new Date() * 1000;
// NOTE: all body parameter types must be strings
const body = {
ticker: "BTCEUR",
side: "buy",
price: "5000",
quantity: "0.25",
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
method: 'post',
url: API_URL + path,
data,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const result = response.data;
})
.catch(e => console.log(e.response.data));
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac
.update(path + hash_digest, 'latin1')
.digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/add_limit_order';
$body = array(
'ticker' => 'BTCEUR',
'side' => 'buy',
'price' => '4500',
'quantity' => '0.01'
);
$postdata = http_build_query($body, '', '&');
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . $path,
CURLOPT_POST => 1,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
CURLOPT_POSTFIELDS => $postdata
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "Order placed successfully",
"id": "10d486d0-2a61-11eb-8188-7b2c438dd9cf",
"order": {
"id": "10d486d0-2a61-11eb-8188-7b2c438dd9cf",
"ticker": "BTCEUR",
"side": "buy",
"type": "limit",
"price": "11250",
"quantityInitial": "0.01225",
"quantityRemaining": "0.01225",
"status": "A"
}
}
Place limit order
HTTP Request
POST https://api.bitlocus.com/add_limit_order
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| ticker | body | E.g btceur | Yes | string |
| side | body | buy/sell | Yes | string |
| price | body | Order price | Yes | string |
| quantity | body | Order quantity | Yes | string |
Possible Order Status
| Satus | Description |
|---|---|
| A | Active - order is open. |
| C | Cancelled - order is cancelled. |
| F | Fulfilled - order is fully mached. |
Error Codes
| Code | Description |
|---|---|
| 400 | Parameter "price" or "quantity" is not a number |
| 403 | Parameter "side" must be one of these: "buy", "sell" |
| 404 | Ticker {ticker} not found |
| 411 | Balance not enough to place and order |
| 412 | There are opposite orders of this user, trade with self is forbidden |
| 413 | Order values are lower than allowed. Min possible order value is ${min_value} ${asset} |
| 414 | Account is locked |
Place Market Order
/add_market_order
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/add_market_order';
const nonce = new Date() * 1000;
// NOTE: all body parameter types must be strings
const buy_order_body = {
ticker: "BTCEUR",
side: "buy",
amount: "5000",
};
const sell_order_body = {
ticker: "BTCEUR",
side: "sell",
quantity: "1.25",
};
const data = qs.stringify(buy_order_body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
method: 'post',
url: API_URL + path,
data,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const result = response.data;
})
.catch(e => console.log(e.response.data));
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac
.update(path + hash_digest, 'latin1')
.digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/add_market_order';
$buy_order_body = array(
'ticker' => 'BTCEUR',
'side' => 'buy',
'amount' => '4500',
);
$sell_order_body = array(
'ticker' => 'BTCEUR',
'side' => 'sell',
'quantity' => '1.25'
);
$postdata = http_build_query($buy_order_body, '', '&');
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . $path,
CURLOPT_POST => 1,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
CURLOPT_POSTFIELDS => $postdata
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
When "side" = "buy" the above command returns JSON structured like this:
{
"id": "3ee0e2d0-3ecf-11eb-92f4-09c90baada06",
"message": "Order executed successfully",
"order": {
"id": "3ee0e2d0-3ecf-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"status": "F",
"amount": "100"
}
}
When "side" = "sell" the above command returns JSON structured like this:
{
"id": "233684e0-3ecf-11eb-92f4-09c90baada06",
"message": "Order executed successfully",
"order": {
"id": "233684e0-3ecf-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "sell",
"status": "F",
"quantity": "0.01"
}
}
Place market order.
Important:
When "side" = "buy", then "amount" is mandatory, and "quantity" cannot
be set.
When "side" = "sell", then "quantity" is mandatory, and "amount" cannot
be set.
HTTP Request
POST https://api.bitlocus.com/add_market_order
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| ticker | body | E.g btceur | Yes | string |
| side | body | buy/sell | Yes | string |
| amount | body | Order amount | No | string |
| quantity | body | Order quantity | No | string |
Possible Order Status
| Satus | Description |
|---|---|
| F | Fulfilled - order is fully mached. |
Error Codes
| Code | Description |
|---|---|
| 400 | Parameter "amount" or "quantity" is not a number |
| 401 | When "side" = "buy", then "amount" is mandatory |
| 402 | When "side" = "sell", then "quantity" is mandatory |
| 403 | Parameter "side" must be one of these: "buy", "sell" |
| 404 | Ticker {ticker} not found |
| 411 | Balance not enough to place and order |
| 412 | There are opposite orders of this user, trade with self is forbidden |
| 413 | Order values are lower than allowed. Min possible order value is ${min_value} ${asset} |
| 414 | Account is locked |
| 415 | Market order quantity is too low |
| 416 | Not enough orders (liquidity) to fill market order |
Cancel Order
/cancel
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/cancel';
const nonce = new Date() * 1000;
const body = {
id: "f18cde40-3ff1-11e9-9dca-c5201463d22f",
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
method: 'post',
url: API_URL + path,
data,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const result = response.data;
})
.catch(e => console.log(e.response.data));
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac
.update(path + hash_digest, 'latin1')
.digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/cancel';
$body = array(
'id' => "f18cde40-3ff1-11e9-9dca-c5201463d22f"
);
$postdata = http_build_query($body, '', '&');
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . $path,
CURLOPT_POST => 1,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
CURLOPT_POSTFIELDS => $postdata
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "Success message",
"order": {
"id": "10d486d0-2a61-11eb-8188-7b2c438dd9cf",
"ticker": "BTCEUR",
"side": "buy",
"type": "limit",
"price": "11250",
"quantityInitial": "0.01225",
"quantityRemaining": "0.01225",
"status": "C",
"createdAt": "2020-12-14T09:21:21.569Z"
}
}
Cancel order
HTTP Request
POST https://api.bitlocus.com/cancel
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| id | body | Order id | Yes | string |
Possible Order Status
| Satus | Description |
|---|---|
| C | Cancelled - order is cancelled. |
Error Codes
| Code | Description |
|---|---|
| 400 | Wrong "id" is given |
| 404 | Order not found |
| 409 | Open order not found |
Cancel All Orders
/cancel_all_orders
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/cancel_all_orders';
const nonce = new Date() * 1000;
const body = {
ticker: "BTCEUR",
};
const data = qs.stringify(body);
const signature = getSignature(path, data, API_SECRET, nonce);
const options = {
method: 'post',
url: API_URL + path,
data,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const result = response.data;
})
.catch(e => console.log(e.response.data));
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac
.update(path + hash_digest, 'latin1')
.digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/cancel_all_orders';
$body = array(
'ticker' => "BTCEUR"
);
$postdata = http_build_query($body, '', '&');
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$hash = $path . hash('sha256', $nonce . $postdata, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $API_URL . $path,
CURLOPT_POST => 1,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
CURLOPT_POSTFIELDS => $postdata
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "Success message"
}
Cancel all orders
HTTP Request
POST https://api.bitlocus.com/cancel_all_orders
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| ticker | body | Ticker name | Yes | string |
Error Codes
| Code | Description |
|---|---|
| 404 | Ticker {ticker} not found |
Order info
/order_info
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/order_info';
const params = {
id: 'cdb0d1f0-3ea7-11eb-92f4-09c90baada06', // required
};
const data = qs.stringify(params);
const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);
const query = getQuery(params);
const options = {
method: 'GET',
url: `${API_URL}${path}${query}`,
headers: {
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const { data } = response;
console.log('RESULT', data);
})
.catch(e => {
e = e.response || e;
e = e.data || e;
console.error(e);
});
function getQuery(params) {
if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
return '';
}
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/order_info';
$body = array(
'id' => 'cdb0d1f0-3ea7-11eb-92f4-09c90baada06', // required
);
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
$url = $API_URL . $path;
if($data)
$url = $url . '?' . $data;
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "Order info",
"order": {
"id": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"type": "limit",
"side": "buy",
"price": "16000",
"quantityInitial": "0.1",
"quantityRemaining": "0.06",
"status": "A",
"createdAt": "2020-12-15T07:33:19.631Z",
"trades": [
{
"id": "cdc1e8f0-3ea7-11eb-92f4-09c90baada06",
"orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"quantity": "0.03",
"price": "15550",
"amount": "466.5",
"appliedFee": "0.004",
"chargedFee": "1.86",
"takerOrMaker": "taker",
"createdAt": "2020-12-15T07:33:19.890Z"
},
{
"id": "cdbba760-3ea7-11eb-92f4-09c90baada06",
"orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"quantity": "0.01",
"price": "15000",
"amount": "150",
"appliedFee": "0.004",
"chargedFee": "0.6",
"takerOrMaker": "taker",
"createdAt": "2020-12-15T07:33:19.742Z"
}
]
}
}
Returns data for particular order.
HTTP Request
GET https://api.bitlocus.com/order_info
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| id | query | Order id | Yes | string |
Possible Order Status
| Satus | Description |
|---|---|
| A | Active - order is open. |
| C | Cancelled - order is cancelled. |
| F | Fulfilled - order is fully mached. |
Error Codes
| Code | Description |
|---|---|
| 400 | Wrong "id" is given |
| 404 | Order not found |
Open orders
/open_orders
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/open_orders';
const params = {
ticker: 'btceur', // optional
limit: 10, // optional
offset: 0, // optional
};
const data = qs.stringify(params);
const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);
const query = getQuery(params);
const options = {
method: 'GET',
url: `${API_URL}${path}${query}`,
headers: {
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const { data } = response;
console.log('RESULT', data);
})
.catch(e => {
e = e.response || e;
e = e.data || e;
console.error(e);
});
function getQuery(params) {
if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
return '';
}
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/open_orders';
// If no parameters, leave body empty array. $body = []
$body = array(
'ticker' => 'btceur', // optional
'limit' => 100, // optional
'offset' => 0, // optional
);
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
$url = $API_URL . $path;
if($data)
$url = $url . '?' . $data;
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "Open orders",
"orders": {
"count": 2,
"rows": [
{
"id": "4fe99cb0-3ea8-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"type": "limit",
"price": "14000",
"quantityInitial": "0.0256",
"quantityRemaining": "0.0256",
"status": "A",
"createdAt": "2020-12-15T07:36:58.107Z",
"trades": []
},
{
"id": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"type": "limit",
"price": "16000",
"quantityInitial": "0.1",
"quantityRemaining": "0.06",
"status": "A",
"createdAt": "2020-12-15T07:33:19.631Z",
"trades": [
{
"id": "cdc1e8f0-3ea7-11eb-92f4-09c90baada06",
"orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"quantity": "0.03",
"price": "15550",
"amount": "466.5",
"appliedFee": "0.004",
"chargedFee": "1.86",
"takerOrMaker": "taker",
"createdAt": "2020-12-15T07:33:19.890Z"
},
{
"id": "cdbba760-3ea7-11eb-92f4-09c90baada06",
"orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"quantity": "0.01",
"price": "15000",
"amount": "150",
"appliedFee": "0.004",
"chargedFee": "0.6",
"takerOrMaker": "taker",
"createdAt": "2020-12-15T07:33:19.742Z"
}
]
}
]
}
}
Returns open (active) orders for user.
HTTP Request
GET https://api.bitlocus.com/open_orders
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| limit | query | Default 100 | no | integer |
| offset | query | Defualt 0 | no | integer |
| ticker | query | E.g. BTCEUR | no | string |
Possible Order Status
| Satus | Description |
|---|---|
| A | Active - order is open. |
| C | Cancelled - order is cancelled. |
| F | Fulfilled - order is fully mached. |
Error Codes
| Code | Description |
|---|---|
| 404 | Ticker {ticker} not found |
User Trades
/user_trades
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/user_trades';
const params = {
ticker: 'btceur', // required
limit: 50, // optional
offset: 0, // optional
};
const data = qs.stringify(params);
const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);
const query = getQuery(params);
const options = {
method: 'GET',
url: `${API_URL}${path}${query}`,
headers: {
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const { data } = response;
console.log('RESULT', data);
})
.catch(e => {
e = e.response || e;
e = e.data || e;
console.error(e);
});
function getQuery(params) {
if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
return '';
}
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/user_trades';
$body = array(
'ticker' => 'btceur', // required
'limit' => 50, // optional
'offset' => 0, // optional
);
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
$url = $API_URL . $path;
if($data)
$url = $url . '?' . $data;
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "User trades",
"trades": {
"count": 215,
"rows": [
{
"tradeId": "cdc1e8f0-3ea7-11eb-92f4-09c90baada06",
"orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"takerOrMaker": "taker",
"quantity": "0.03",
"price": "15550",
"amount": "466.5",
"appliedFee": "0.002",
"chargedFee": "1.86",
"createdAt": "2020-12-15T07:33:19.890Z"
},
{
"tradeId": "cdbba760-3ea7-11eb-92f4-09c90baada06",
"orderId": "cdb0d1f0-3ea7-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"takerOrMaker": "taker",
"quantity": "0.01",
"price": "15000",
"amount": "150",
"appliedFee": "0.002",
"chargedFee": "0.6",
"createdAt": "2020-12-15T07:33:19.742Z"
},
{
"tradeId": "f69974b0-3e06-11eb-92f4-09c90baada06",
"orderId": "f691d390-3e06-11eb-92f4-09c90baada06",
"ticker": "BTCEUR",
"side": "buy",
"takerOrMaker": "taker",
"quantity": "0.0014",
"price": "5000",
"amount": "7",
"appliedFee": "0.004",
"chargedFee": "0.02",
"createdAt": "2020-12-14T12:21:59.324Z"
}
]
}
}
Returns last 50 trades for user.
HTTP Request
GET https://api.bitlocus.com/user_trades
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| ticker | query | Ticker e.g "BTCEUR" | yes | string |
| limit | query | Default 50 | no | integer |
| offset | query | Defualt 0 | no | integer |
Error Codes
| Code | Description |
|---|---|
| 400 | Bad request |
| 404 | Ticker {ticker} not found |
User Payments
/payments
const crypto = require('crypto');
const axios = require('axios');
const qs = require('qs');
const API_URL = 'https://api.bitlocus.com';
const API_KEY = { YOUR API KEY }
const API_SECRET = { YOUR API SECRET }
const path = '/payments';
const params = {
asset: 'eur', // optional
limit: 50, // optional
offset: 0, // optional
};
const data = qs.stringify(params);
const nonce = new Date().getTime();
const signature = getSignature(path, data, API_SECRET, nonce);
const query = getQuery(params);
const options = {
method: 'GET',
url: `${API_URL}${path}${query}`,
headers: {
'api-key': API_KEY,
'api-sign': signature,
nonce,
},
};
axios(options)
.then(response => {
const { data } = response;
console.log('RESULT', data);
})
.catch(e => {
e = e.response || e;
e = e.data || e;
console.error(e);
});
function getQuery(params) {
if (Object.keys(params).length) return `?${new URLSearchParams(params)}`;
return '';
}
function getSignature(path, data, secret, nonce) {
const secret_buffer = new Buffer.from(secret, 'base64');
const hash = new crypto.createHash('sha256');
const hmac = new crypto.createHmac('sha512', secret_buffer);
const hash_digest = hash.update(nonce + data).digest('latin1');
const hmac_digest = hmac.update(path + hash_digest, 'latin1').digest('base64');
return hmac_digest;
}
<?php
$curl = curl_init();
$API_URL = 'https://api.bitlocus.com';
$API_KEY = { YOUR API KEY };
$API_SECRET = { YOUR API SECRET };
$path = '/payments';
$body = array(
'asset' => 'eur', // optional
'limit' => 50, // optional
'offset' => 0, // optional
);
$nonce = explode(' ', microtime());
$nonce = $nonce[1] . str_pad(substr($nonce[0], 2, 6), 6, '0');
$data = http_build_query($body, '', '&');
$hash = $path . hash('sha256', $nonce . $data, true);
$signature = hash_hmac('sha512', $hash, base64_decode($API_SECRET), true);
$signature = base64_encode($signature);
$url = $API_URL . $path;
if($data)
$url = $url . '?' . $data;
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'api-key: ' . $API_KEY,
'api-sign: ' . $signature,
'nonce: ' . $nonce
),
));
$response = curl_exec($curl);
curl_close($curl);
print_r($response);
?>
The above command returns JSON structured like this:
{
"message": "User payments",
"payments": {
"count": 64,
"rows": [
{
"id": "9cfcd7e0-2da2-11eb-b168-7b64786458a7",
"type": "deposit",
"asset": "EUR",
"amount": "56",
"fee": "2.46",
"createdAt": "2020-11-23T15:43:20.671Z"
},
{
"id": "4fd5fc60-1521-11eb-9af3-5f9f6791b30f",
"type": "deposit",
"asset": "EUR",
"amount": "56",
"fee": "2.46",
"createdAt": "2020-10-23T11:17:18.246Z"
},
{
"id": "161879c0-5fba-11ea-bbbd-71a665eb6aae",
"type": "withdrawal",
"asset": "BTC",
"amount": "0.01367824",
"fee": "0.0005",
"createdAt": "2020-03-06T14:52:22.748Z"
},
{
"id": "ffb74210-5fb9-11ea-bbbd-71a665eb6aae",
"type": "withdrawal",
"asset": "BTC",
"amount": "0.01372879",
"fee": "0.0005",
"createdAt": "2020-03-06T14:51:45.201Z"
}
]
}
}
Returns user payments
HTTP Request
GET https://api.bitlocus.com/payments
Request Parameters
| Name | Location | Description | Required | Schema |
|---|---|---|---|---|
| asset | query | Asset e.g 'EUR', 'BTC' | no | string |
| limit | query | Default 50 | no | integer |
| offset | query | Default 0 | no | integer |
Error Codes
| Code | Description |
|---|---|
| 400 | Bad request |
| 404 | Asset {asset} not found |