Manage Credentials
List, rotate, and revoke your exchange credentials.
List Credentials
Retrieve all credentials associated with your account:
- Python
- TypeScript
- Go
response = credential_api.list_trading_account_credentials()
credentials = response.data
for credential in credentials:
print(f"{credential.credential_id}: {credential.venue} - {credential.status}")
print(f" Nickname: {credential.nickname}")
print(f" Accounts: {credential.identities}")
const response = await credentialApi.listTradingAccountCredentials()
const credentials = response.data.data
credentials.forEach(credential => {
console.log(`${credential.credentialId}: ${credential.venue} - ${credential.status}`)
console.log(` Nickname: ${credential.nickname}`)
console.log(` Accounts: ${credential.identities}`)
})
response, _, err := apiClient.TradingAccountCredentialAPI.ListTradingAccountCredentials(ctx).Execute()
if err != nil {
panic(err)
}
for _, credential := range response.Data {
fmt.Printf("%s: %s - %s\n", *credential.CredentialId, *credential.Venue, *credential.Status)
fmt.Printf(" Nickname: %s\n", *credential.Nickname)
fmt.Printf(" Accounts: %v\n", credential.Identities)
}
Filter by Status
- Python
- TypeScript
- Go
# List only verified credentials
response = credential_api.list_trading_account_credentials(
credential_status=cadenza_client.CredentialStatus.VERIFIED
)
// List only verified credentials
const response = await credentialApi.listTradingAccountCredentials(
undefined, // credentialType
'VERIFIED' // credentialStatus
)
// List only verified credentials
status := client.CREDENTIALSTATUS_VERIFIED
response, _, err := apiClient.TradingAccountCredentialAPI.ListTradingAccountCredentials(ctx).
CredentialStatus(status).
Execute()
Filter by Type
- Python
- TypeScript
- Go
# List only exchange credentials (not broker)
response = credential_api.list_trading_account_credentials(
credential_type=cadenza_client.CredentialType.EXCHANGE
)
// List only exchange credentials (not broker)
const response = await credentialApi.listTradingAccountCredentials(
'EXCHANGE' // credentialType
)
// List only exchange credentials (not broker)
credType := client.CREDENTIALTYPE_EXCHANGE
response, _, err := apiClient.TradingAccountCredentialAPI.ListTradingAccountCredentials(ctx).
CredentialType(credType).
Execute()
Rotate Credential
Update the API keys for an existing credential without disconnecting trading accounts:
- Python
- TypeScript
- Go
response = credential_api.rotate_trading_account_credential(
cadenza_client.RotateTradingAccountCredentialRequest(
credential_id=credential_id,
api_key="new-api-key",
api_secret="new-api-secret"
)
)
credential = response.data
print(f"Credential rotated: {credential.status}")
const response = await credentialApi.rotateTradingAccountCredential({
credentialId: credentialId,
apiKey: 'new-api-key',
apiSecret: 'new-api-secret',
})
const credential = response.data.data
console.log('Credential rotated:', credential.status)
response, _, err := apiClient.TradingAccountCredentialAPI.RotateTradingAccountCredential(ctx).
RotateTradingAccountCredentialRequest(client.RotateTradingAccountCredentialRequest{
CredentialId: credentialId,
ApiKey: client.PtrString("new-api-key"),
ApiSecret: client.PtrString("new-api-secret"),
}).Execute()
if err != nil {
panic(err)
}
credential := response.Data
fmt.Printf("Credential rotated: %s\n", *credential.Status)
When to Rotate
Rotate credentials when:
- API keys are compromised or exposed
- Exchange requires periodic key rotation
- You want to update permissions on the exchange side
- As part of regular security maintenance
Rotation Process
- Generate new API keys on your exchange
- Call the rotate endpoint with new keys
- Old keys are immediately invalidated
- All connected trading accounts continue working with new keys
Revoke Credential
Permanently revoke a credential. This will disconnect all trading accounts using this credential.
- Python
- TypeScript
- Go
response = credential_api.revoke_trading_account_credential(
cadenza_client.RevokeTradingAccountCredentialRequest(
credential_id=credential_id
)
)
print(f"Credential revoked: {response.data.status}") # REVOKED
const response = await credentialApi.revokeTradingAccountCredential({
credentialId: credentialId,
})
console.log('Credential revoked:', response.data.data.status) // REVOKED
response, _, err := apiClient.TradingAccountCredentialAPI.RevokeTradingAccountCredential(ctx).
RevokeTradingAccountCredentialRequest(client.RevokeTradingAccountCredentialRequest{
CredentialId: credentialId,
}).Execute()
if err != nil {
panic(err)
}
fmt.Printf("Credential revoked: %s\n", *response.Data.Status) // REVOKED
Revocation Effects
When you revoke a credential:
| Effect | Description |
|---|---|
| Status changes | Credential status becomes REVOKED |
| Trading accounts | All connected accounts are disconnected |
| Open orders | Existing orders remain on exchange |
| API keys | Keys are deleted from Cadenza (not from exchange) |
warning
Revocation is permanent. To reconnect accounts, you must create a new credential.
Response Reference
List Response
{
"data": [
{
"credentialId": "550e8400-e29b-41d4-a716-446655440000",
"venue": "BINANCE",
"credentialType": "EXCHANGE",
"nickname": "My Binance API",
"status": "VERIFIED",
"identities": ["spot", "margin", "futures"],
"createdAt": 1704067200000,
"updatedAt": 1704153600000
}
],
"success": true,
"errno": 0,
"error": null,
"pagination": {
"offset": 0,
"limit": 50,
"total": 1
}
}
Error Handling
| Error Code | Description |
|---|---|
400 | Invalid request parameters |
401 | Authentication required |
404 | Credential not found |
409 | Cannot revoke credential with active trading accounts |
Best Practices
- Regular Audits - Periodically list and review all credentials
- Remove Unused - Revoke credentials that are no longer needed
- Rotate Proactively - Don't wait for a security incident
- Monitor Status - Watch for credentials that become
FAILED - Use Nicknames - Give meaningful names to identify credentials easily