BBX Open API Docs
中文English

Quickstart

This guide helps you get started with the BBX Open API, including authentication and your first market data request.

Get API credentials

Before you can call the BBX Open API, you need API credentials. Use the entry point below to contact our business team.

Request your API credentials

Base URLs

Different API categories use different base URLs. Send each request to the corresponding endpoint:

https://open.bbx.com/api/v2

Authentication flow

Every API request must include the following authentication parameters:

  • Name
    AccessKeyId
    Type
    string
    Description

    Your access key ID

  • Name
    SignatureNonce
    Type
    string
    Description

    A unique nonce for each request

  • Name
    Timestamp
    Type
    string
    Description

    Request timestamp in seconds, valid for 30 seconds

  • Name
    Signature
    Type
    string
    Description

    A signature generated with HmacSHA1 + Base64. See Generate API Signature

Example request

The following example shows a complete API call for retrieving the latest Bitcoin ticker data:

const crypto = require('crypto');

// 1. Prepare authentication parameters
const ACCESS_KEY_ID = 'YOUR_ACCESS_KEY_ID';
const ACCESS_SECRET = 'YOUR_ACCESS_SECRET';
const SIGNATURE_NONCE = crypto.randomBytes(4).toString('hex');
const TIMESTAMP = Math.floor(Date.now() / 1000).toString();

// 2. Generate the signature
function generateSignature(accessKeyId, accessSecret, signatureNonce, timestamp) {
  const str = `AccessKeyId=${accessKeyId}&SignatureNonce=${signatureNonce}&Timestamp=${timestamp}`;
  const hmac = crypto.createHmac('sha1', accessSecret);
  hmac.update(str);
  return Buffer.from(hmac.digest('hex'), 'binary').toString('base64');
}

const signature = generateSignature(
  ACCESS_KEY_ID,
  ACCESS_SECRET,
  SIGNATURE_NONCE,
  TIMESTAMP
);

// 3. Send the request
fetch('https://open.bbx.com/api/v2/coin/ticker?' + new URLSearchParams({
  coin_list: 'bitcoin',
  AccessKeyId: ACCESS_KEY_ID,
  SignatureNonce: SIGNATURE_NONCE,
  Timestamp: TIMESTAMP,
  Signature: signature
}))
  .then(response => response.json())
  .then(data => console.log(data));

Notes

  • Every API request must include the full authentication parameter set.
  • SignatureNonce must be unique for every request.
  • Timestamp is valid for 30 seconds.

Was this page helpful?