why do I see this error "Invalid API-key, IP, or permissions for action."

This is a common issue and many asked from API users. The reason is just as said from error message:

  • API key is wrong. Check again if the API key is correct.
  • API key is not in the header. Set API key as value of X-MBX-APIKEY in the request header.
  • IP restriction issue.
    • Run wget -qO- http://ipecho.net/plain | xargs echo to validate your IP.
    • Is this IP in your IP address whitelist if you enabled the feature.
    • If you enabled IPv6, please try to turn it off and see if it works on IPv4 only.
  • Did you grant enough permission for this request for your API key?
    • To withdraw, you will need to enable withdraw for API.
    • For margin borrow, you will need margin permission.
  • Are you working on testnet with production key? or vice versa?
  • [Futures (USDⓈ-M or COIN-M)] API Key created before your futures account opened. If the Key was generated before futures account is open, you will still see this error even “Enable Future” is checked. Please generate a new key and have a try.
  • Account has reached the max number of API Keys. Currently, it’s 30 API Keys per account.

If you still see this error by using library, it may be worth to print out the raw request headers, and see what is actually sent.

We have a small collections of python scripts that working out of box binance-signature-examples/spot.py at master · binance/binance-signature-examples · GitHub
It can be helpful to find out the potential issue in the application of client side.