Read-only API keys

Today we're pleased to announce that you can now access your accounts and portfolios using read-only API keys.

API keys are another way to access your account data, without having to go through the process of creating an OAuth2 application – but you can only access the account data for your own account. If you're making an application that accesses other users' data, then using OAuth2 is much better.

Note that if you use e.g. the ?api_key=xxx approach, your request may be logged by third-party cookies or proxies. We recommend setting the X-API-KEY header instead.

API keys also do not let you create, modify, or delete any of your portfolios or accounts. You must use OAuth2 for this for security purposes.

To create API keys for your portfolio, visit Your Profile and select "API keys".