Introduction - Odyssey Exchange API

Using the exchange API, you can do the following: get a list of all coins on the exchange, get the exchange rate of coins, create orders, close orders, get account balance and much more.

Basic information

Spot API URL: https://openapi.odyssey.trade
Futures API URL: https://futuresopenapi.odyssey.trade
WebSocket API URL: wss://ws.odyssey.trade/kline-api/ws
All endpoints return either a JSON object or array.
Data is returned in reverse order. Newest first, oldest last.
All time and timestamp related fields are in milliseconds.
All requests are based on the HTTPS protocol, and the Content-Type should be application/json
For the interface of the GET method, the parameters must be sent in the query string
The interface of the POST method, the parameters must be sent in the request body
Parameters may be sent in any order.

HTTP Error Codes

HTTP 4XX return codes are used for malformed requests; the issue is on the sender’s side.

HTTP 418 return code is used when an IP has been auto-banned for continuing to send requests after receiving 429 codes.

HTTP 429 return code is used when breaking a request rate limit.

HTTP 5XX return codes are used for internal errors

HTTP 504 return code is used when the API successfully sent the message but did not get a response within the timeout period. It is important to NOT treat this as a failure operation; the execution status is UNKNOWN and could have been a success.

All endpoints can possibly return an ERROR, the error payload is as follows:

{
  "code": -1121,
  "msg": "Invalid symbol."
}

Endpoint Security Type

Each endpoint has a security type that determines the how you will interact with it.

API key are passed into the Rest API via the X-CH-APIKEY header.

API keys and secret keys are case sensitive.

NONE – endpoint can be accessed freely.
TRADE – Endpoint requires sending a valid API-Key and signature.
USER_DATA – endpoint requires sending a valid API-Key and signature.

Timing Security

The signature interface needs to pass the timestamp in the X-CH-TS field in the HTTP header, and its value should be the unix timestamp of the request sending time e.g. 1528394129373

An additional parameter, recvWindow, may be sent to specify the number of milliseconds after timestamp the request is valid for. If recvWindow is not sent, it defaults to 5000.

In addition, if the server calculates that the client’s timestamp is more than one second ‘in the future’ of the server’s time, it will also reject the request.

The logic is as follows:

if (timestamp < (serverTime + 1000) && (serverTime - timestamp) <= recvWindow) {
  // process request
} else {
  // reject request
}

Serious trading is about timing. Networks can be unstable and unreliable, which can lead to requests taking varying amounts of time to reach the servers. With recvWindow, you can specify that the request must be processed within a certain number of milliseconds or be rejected by the server.

It recommended to use a small recvWindow of 5000 or less!

Signature

Requests with the Trade and USER_DATA level must be signed. The signature is not case-sensitive and generated as follows:

{timestamp}{method}{path}{data}

timestamp – current timestamp in milliseconds
method – GET or POST
path – request path, example: /ping
data – query string if method is GET else body data

Then you have to hash this string using SHA512 secret key as a salt.

Signature Example

Body

{"symbol":"BTCUSDT","price":"9300","volume":"1","side":"BUY","type":"LIMIT"}

Terminal

[linux]$ echo -n "1588591856950POST/sapi/v1/order/test{\"symbol\":\"BTCUSDT\",\"price\":\"9300\",\"volume\":\"1\",\"side\":\"BUY\",\"type\":\"LIMIT\"}" | openssl dgst -sha256 -hmac "902ae3cb34ecee2779aa4d3e1d226686"
(stdin)= c50d0a74bb9427a9a03933d0eded03af9bf50115dc5b706882a4fcf07a26b761

Get Started

​Basic information

​HTTP Error Codes

​Endpoint Security Type

​Timing Security

​Signature