cURL

curl --request GET \
  --url https://test.deribit.com/api/v2/private/reset_api_key \
  --header 'Content-Type: application/json' \
  --data '
{
  "jsonrpc": "2.0",
  "id": 6524,
  "method": "private/reset_api_key",
  "params": {
    "id": 3
  }
}
'

{
  "jsonrpc": "2.0",
  "id": 2453,
  "result": {
    "timestamp": 1560242482758,
    "max_scope": "account:read_write block_trade:read trade:read_write wallet:read_write",
    "id": 3,
    "enabled": true,
    "default": false,
    "client_secret": "B6RsF9rrLY5ezEGBQkyLlV-UC7whyPJ34BMA-kKYpes",
    "client_id": "1sXMQBhM",
    "name": "NewKeyName"
  }
}

Account Management

private/reset_api_key

Generates a new secret key for an existing API key while keeping the same key ID and other properties. This is useful if the secret has been compromised or needs to be rotated for security purposes.

The old secret becomes invalid immediately, and the new secret is returned in the response. Store the new secret securely as it will not be displayed again. All applications using the old secret will need to be updated with the new secret.

📖 Related Article: Creating new API key on Deribit

Scope: account:read_write

Try in API console

cURL

curl --request GET \
  --url https://test.deribit.com/api/v2/private/reset_api_key \
  --header 'Content-Type: application/json' \
  --data '
{
  "jsonrpc": "2.0",
  "id": 6524,
  "method": "private/reset_api_key",
  "params": {
    "id": 3
  }
}
'

{
  "jsonrpc": "2.0",
  "id": 2453,
  "result": {
    "timestamp": 1560242482758,
    "max_scope": "account:read_write block_trade:read trade:read_write wallet:read_write",
    "id": 3,
    "enabled": true,
    "default": false,
    "client_secret": "B6RsF9rrLY5ezEGBQkyLlV-UC7whyPJ34BMA-kKYpes",
    "client_id": "1sXMQBhM",
    "name": "NewKeyName"
  }
}

Query Parameters

integer

required

API key ID

Example:

1

Response

200 - application/json

Success response

jsonrpc

enum<string>

required

The JSON-RPC version (2.0)

Available options:

2.0

result

object

required

Hide child attributes

result.id

integer

required

Key identifier

Example:

1

result.timestamp

integer

required

The timestamp (milliseconds since the Unix epoch)

Example:

1536569522277

result.client_id

string

required

Client identifier used for authentication

Example:

"IY2D68DS"

result.client_secret

string

required

Client secret or MD5 fingerprint of public key used for authentication

Example:

"P9Z_c73KaBPwpoTVfsXzehAhjhdJn5kM7Zlz_hhDhE8"

result.max_scope

string[]

required

Describes maximal access for tokens generated with given key. If scope is not provided, its value is set as none.

📖 Related Article: Access Scope

Example:

[
  "account:read",
  "trade:read",
  "block_trade:read_write",
  "wallet:none"
]

result.default

boolean

required

Informs whether this api key is default (field is deprecated and will be removed in the future)

Example:

false

result.public_key

string

PEM encoded public key (Ed25519/RSA) used for asymmetric signatures (optional)

Example:

"-----BEGIN PUBLIC KEY----- MCowBQYDK2VwAyEApajFN0CSwIaaiIRPiFbiYYvpsLQLSccSLLsKPe984sc= -----END PUBLIC KEY-----"

result.enabled

boolean

Informs whether api key is enabled and can be used for authentication

Example:

true

result.name

string

Api key name that can be displayed in transaction log

Example:

"TestName"

result.enabled_features

string[]

List of enabled advanced on-key features.

Available options:
- restricted_block_trades: Limit the block_trade read the scope of the API key to block trades that have been made using this specific API key
- block_trade_approval: Block trades created using this API key require additional user approval. Methods that use block_rfq scope are not affected by Block Trade approval feature

result.ip_whitelist

array

List of IP addresses whitelisted for a selected key

integer

The id that was sent in the request

private/remove_subaccount private/set_announcement_as_read

⌘I

Methods overview

Methods

Query Parameters

Response