Hi. I want to programmatically pull details about my portfolio and the REST API looks like it provides most of what I need. Looking through the API documentation, it seems no permissions distinction is made between passive requests for e.g. trade and position details, and active order management endpoints. Would it be possible to introduce a read / read-write distinction so I can feel confident that no matter what, my key only allows access to “reporting” endpoints? Apologies if I’ve missed something in the documentation.
3 Likes
When you create API key you can now unselect “Orders - Execute” and “Pies - Write” permissions.