Gemini Crypto Exchange Logo

Authentication

Generate an API Key

API keys for the Fast API have special requirements:

  1. Navigate to API Settings
  2. Click "Create API key"
  3. Scope: Select the account you want to trade with
  4. Settings:
    • ✅ Enable "Uses a time-based nonce"
    • ✅ Enable "Trading"
  5. Save your API key and secret securely

Only account-scoped keys with time-based nonces are accepted.


Create an Authenticated Connection

Pass the following headers when establishing the websocket connection,

HeaderValue
X-GEMINI-APIKEYYour Gemini API key (session key)
X-GEMINI-NONCECurrent epoch timestamp in seconds
X-GEMINI-SIGNATUREhex(HMAC_SHA384(base64(nonce), key=api_secret))
X-GEMINI-PAYLOADbase64(nonce)

Authentication is required for trading operations and order event subscriptions. Market data streams are available without authentication.

Authentication headers must be provided during the initial WebSocket handshake—you cannot authenticate after the connection is established.

Signature Generation Step-by-Step

Code
# Create a nonce from the current epoch time in seconds nonce = current_timestamp_in_seconds # Our payload will be the base64 encoded nonce for simplicity payload = base64_encode(nonce.toString) # Generate a signature using the hmac_sha384 algorithm signature = hmac_sha384(payload, api_secret) # Convert the signature to hex so it can be passed in the headers hexSignature = hex(signature)
Last modified on