OAuth2 Gateway

Version: 1.0.0

Kraken Connect is your gateway to seamlessly link external apps like tax tools, trading bots, and portfolio trackers with your Kraken account. Powered by OAuth 2.0, it delivers a secure, hassle-free authorization flow for users and developers alike.

Fast API Keys

No more copying API keys and secrets! Fast API lets users log in to Kraken and instantly authorize trusted third-party apps to connect, making onboarding smoother than ever.

Quick Integration Guide

Get Your Client Credentials

Ready to integrate? Just fill out this form with:

  • Company Name
  • Short Company Description
  • Company website
  • Logo (PNG, 56x56)
  • Required Permission Scopes
  • Redirect URIs
  • RSA Public Key (2048+ bits, PEM format)
    • One for test, one for production is ideal!

Note: If your app has no backend (e.g., runs entirely on users' devices), just ask for a public client ID, no secret or public key required.

Generate Your RSA Keys

openssl genrsa -aes128 -out private.pem 4096
openssl rsa -in private.pem -pubout > public.pem

Decrypting Your Client Secret

echo -n "<encrypted secret>" | base64 -d | openssl rsautl -decrypt -inkey private.pem

Authorization Code Flow

  1. Direct the user to the authorization endpoint with:
    • response_type=code
    • client_id
    • redirect_uri
    • scope (optional)
    • state (optional)
  2. User signs in, approves access, and is redirected back to your redirect_uri with an authorization code.
  3. Exchange this code for an access token at the token endpoint using a Basic Auth header with your client_id and secret, plus:
    • grant_type=authorization_code
    • code
    • redirect_uri

Refreshing Tokens

When your access token expires:

  1. Call the token endpoint with:
    • grant_type=refresh_token
    • refresh_token
  2. Receive a new access/refresh token pair.

When a new access token is issued, the old one is immediately invalid.
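
The authorization-code and refresh steps above as offline request builders in Python. This is an added example, not Kraken's code: the authorize URL is a placeholder because the page gives no endpoint URLs, and the space-delimited scope value and the Basic Auth header on the refresh call are assumptions taken from RFC 6749. It always sends state and rejects a callback whose state does not match, which goes beyond the page (it lists state as optional).

```python
import base64
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Placeholder (assumption): the page does not give the real endpoint URLs.
AUTHORIZE_URL = "https://auth.example.invalid/oauth/authorize"

def build_authorization_url(client_id, redirect_uri, scopes=()):
    """Step 1: return (url, state); keep state in the user's session."""
    state = secrets.token_urlsafe(32)  # unguessable, one per login attempt
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "state": state}
    if scopes:
        params["scope"] = " ".join(scopes)  # space-delimited (RFC 6749)
    return f"{AUTHORIZE_URL}?{urlencode(params)}", state

def parse_callback(callback_url, expected_state):
    """Step 2: return the code only if state matches the stored value."""
    query = parse_qs(urlsplit(callback_url).query)
    state = query.get("state", [""])[0]
    # Constant-time compare on bytes; an empty stored state never matches.
    if not expected_state or not hmac.compare_digest(
            state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: reject this callback")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]

def basic_auth_header(client_id, client_secret):
    # The secret travels only in this header, never in the URL or the body.
    raw = f"{client_id}:{client_secret}".encode()
    return {"Authorization": "Basic " + base64.b64encode(raw).decode(),
            "Content-Type": "application/x-www-form-urlencoded"}

def code_exchange_request(client_id, client_secret, code, redirect_uri):
    """Step 3: headers and form body for the token endpoint."""
    body = {"grant_type": "authorization_code", "code": code,
            "redirect_uri": redirect_uri}  # same redirect_uri as in step 1
    return basic_auth_header(client_id, client_secret), urlencode(body)

def refresh_request(client_id, client_secret, refresh_token):
    """Refresh: the response replaces both stored tokens."""
    body = {"grant_type": "refresh_token", "refresh_token": refresh_token}
    return basic_auth_header(client_id, client_secret), urlencode(body)
```

Send each returned header and body pair as a POST to the token endpoint with your HTTP client, and overwrite both stored tokens with the pair that comes back.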

Token Lifetimes

| Token | Validity |
| --- | --- |
| Access token | 24h (private clients); 4h (public clients) |
| Refresh token | 30 days |

Permission Scopes

| Permission Scope | Description |
| --- | --- |
| account.fast-api-key:funds-query | See your account balance |
| account.fast-api-key:funds-add | Deposit funds to your account |
| account.fast-api-key:funds-withdraw | Withdraw funds from your account |
| account.fast-api-key:funds-earn | Transfer funds to earn rewards |
| account.fast-api-key:trades-query-open | View open orders & trades |
| account.fast-api-key:trades-query-closed | View closed orders & trades |
| account.fast-api-key:trades-modify | Create and modify orders |
| account.fast-api-key:trades-close | Cancel and modify orders |
| account.fast-api-key:ledger-query | View your ledger history |
| account.fast-api-key:export-data | Export your ledger history |
| account.fast-api-key:write | Authorize the 3rd party app to create a one-time API key for the existing session |
| account.info:basic | See your account information |
| account.fast-api-key:write | Authorize the 3rd party app to remove API key for the existing session |