API security

Do we have any best practices on how to manage sub-accounts and API keys.
How do we make sure API keys are managed efficiently and securely. What are the features/ best practices provided by Binance to make sure handling is secure

How to use sub-accounts by API is a big topic, and may rely on your trading policies.
It may be easier to trade with sub-accounts that:

  • different sub-accounts for different trading strategies,
  • different sub-accounts for different market or even symbol. ( spot, futures)

For API keys:

  • separate trading keys from the key for withdraw.
  • don’t give API permissions that don’t need.
  • always specify access IPs.
  • etc.
1 Like