cURL

curl --request GET \
  --url https://test.deribit.com/api/v2/private/change_scope_in_api_key \
  --header 'Content-Type: application/json' \
  --data '
{
  "jsonrpc": "2.0",
  "id": 2453,
  "method": "private/change_scope_in_api_key",
  "params": {
    "max_scope": "account:read_write wallet:read_write block_trade:read trade:read_write",
    "id": 3
  }
}
'

{
  "jsonrpc": "2.0",
  "id": 2453,
  "result": {
    "timestamp": 1560242482758,
    "max_scope": "account:read_write block_trade:read trade:read_write wallet:read_write",
    "id": 3,
    "enabled": true,
    "default": false,
    "client_secret": "B6RsF9rrLY5ezEGBQkyLlV-UC7whyPJ34BMA-kKYpes",
    "client_id": "1sXMQBhM",
    "name": "NewKeyName"
  }
}

Account Management

private/change_scope_in_api_key

Updates the scope (permissions) for an existing API key. The scope determines which operations the API key can perform (e.g., read-only, read-write, trading, etc.).

When the scope is changed, the API key immediately loses access to operations outside the new scope. Applications using this key may need to be updated to reflect the new permissions.

TFA required

📖 Related Articles:

Scope: account:read_write

Try in API console

cURL

curl --request GET \
  --url https://test.deribit.com/api/v2/private/change_scope_in_api_key \
  --header 'Content-Type: application/json' \
  --data '
{
  "jsonrpc": "2.0",
  "id": 2453,
  "method": "private/change_scope_in_api_key",
  "params": {
    "max_scope": "account:read_write wallet:read_write block_trade:read trade:read_write",
    "id": 3
  }
}
'

{
  "jsonrpc": "2.0",
  "id": 2453,
  "result": {
    "timestamp": 1560242482758,
    "max_scope": "account:read_write block_trade:read trade:read_write wallet:read_write",
    "id": 3,
    "enabled": true,
    "default": false,
    "client_secret": "B6RsF9rrLY5ezEGBQkyLlV-UC7whyPJ34BMA-kKYpes",
    "client_id": "1sXMQBhM",
    "name": "NewKeyName"
  }
}

Query Parameters

max_scope

string[]

required

Describes maximal access for tokens generated with given key. If scope is not provided, its value is set as none.

📖 Related Article: Access Scope

Example:

[
  "account:read",
  "trade:read",
  "block_trade:read_write",
  "wallet:none"
]

integer

required

API key ID

Example:

1

Response

200 - application/json

Success response

jsonrpc

enum<string>

required

The JSON-RPC version (2.0)

Available options:

2.0

result

object

required

Hide child attributes

result.id

integer

required

Key identifier

Example:

1

result.timestamp

integer

required

The timestamp (milliseconds since the Unix epoch)

Example:

1536569522277

result.client_id

string

required

Client identifier used for authentication

Example:

"IY2D68DS"

result.client_secret

string

required

Client secret or MD5 fingerprint of public key used for authentication

Example:

"P9Z_c73KaBPwpoTVfsXzehAhjhdJn5kM7Zlz_hhDhE8"

result.max_scope

string[]

required

Describes maximal access for tokens generated with given key. If scope is not provided, its value is set as none.

📖 Related Article: Access Scope

Example:

[
  "account:read",
  "trade:read",
  "block_trade:read_write",
  "wallet:none"
]

result.default

boolean

required

Informs whether this api key is default (field is deprecated and will be removed in the future)

Example:

false

result.public_key

string

PEM encoded public key (Ed25519/RSA) used for asymmetric signatures (optional)

Example:

"-----BEGIN PUBLIC KEY----- MCowBQYDK2VwAyEApajFN0CSwIaaiIRPiFbiYYvpsLQLSccSLLsKPe984sc= -----END PUBLIC KEY-----"

result.enabled

boolean

Informs whether api key is enabled and can be used for authentication

Example:

true

result.name

string

Api key name that can be displayed in transaction log

Example:

"TestName"

result.enabled_features

string[]

List of enabled advanced on-key features.

Available options:
- restricted_block_trades: Limit the block_trade read the scope of the API key to block trades that have been made using this specific API key
- block_trade_approval: Block trades created using this API key require additional user approval. Methods that use block_rfq scope are not affected by Block Trade approval feature

result.ip_whitelist

array

List of IP addresses whitelisted for a selected key

integer

The id that was sent in the request

private/change_margin_model private/change_subaccount_name

⌘I

Methods overview

Methods

Query Parameters

Response