Skip to main content
Adding a Centralised Exchange (CEX) account requires you to create a read-only API key from your favourite CEX. Read below for a step-by-step guide on how to generate this API key for each CEX Lighthouse supports.
For improved security & to avoid expiry of API keys, you can add the following IP when creating an API key: 34.79.28.87

IP address restriction is mandatory on some CEXs, optional on others, but recommended by Lighthouse.
Most exchanges use a traditional API Key and Secret. Some exchanges like Derive use a different authentication method - refer to the specific exchange guide below for details.

How to add a CEX account in Lighthouse

  1. Select the Accounts page on the left sidebar.
  2. Click the + Add Account button on the top right.
  3. In the open modal select the Exchange account tab and then the exchange you want to add.
  4. Add an Account Name and optional Description.
  5. Enter the credentials required by your selected exchange (for example API key/secret, passphrase, wallet address, or private key).
  6. Confirm by clicking the Add account button.

CEX API Keys Guide

  1. Log in to your Kraken account.
  2. Go to your profile in the top right corner and select Settings.
  3. Select API from the drop-down menu.
  4. On the API key management page, find Spot trading API
  5. Select Create API key.
  6. On the add API key page, enter a name into the key description box. “Lighthouse” for example.
  7. Check the box Query.
  8. Select Generate Key.
  9. Copy-paste the API Key and API Secret into their respective fields on Lighthouse.
  1. Log in to your Kraken account.
  2. Go to your profile in the top right corner and select Settings.
  3. Select API from the drop-down menu.
  4. On the API key management page, find Futures trading API
  5. Select Create API key.
  6. On the add API key page, enter a name into the key description box. “Lighthouse” for example.
  7. Check the box Query.
  8. Select Generate Key.
  9. Copy-paste the API Key and API Secret into their respective fields on Lighthouse.
  1. Log in to Binance (or Binance US).
  2. Go to the Binance API management page.
  3. Select System Generated.
    • Default settings create a read-only API, no need to change any setting.
  4. Complete the 2FA.
  5. Copy-paste the API Key and API Secret into their respective fields on Lighthouse.
  1. Log in to your Coinbase account.
  2. Navigate to coinbase.com/settings/api
  3. Select Create API Key.
  4. Select the portfolio you want to track from the drop-down and and make sure “View (read-only)” is selected.

    💡 If you have multiple Coinbase Portfolios, you will have to create multiple APIs and a matching number of Lighthouse accounts.
  5. Add the Lighthouse IPs displayed at the top of this doc page.
  6. Select Create & Download.
  7. Copy-paste the API Key name in “API Key” field on Lighthouse, the and Private Key into the API Secret field on Lighthouse.
  1. Log in to your Bybit account.
  2. Hover over your profile icon in the right corner and select API.
  3. Click on Create New Key and select System-generated Keys.
  4. Add a name for the keys, such as “Lighthouse”.
  5. Make sure that the permissions are set to Read-Only and add the IPs at the top of this doc.
  6. Add all available permissions from the list. This will allow Lighthouse to access all relevant data but gives no ability to move or trade funds on your behalf.
  7. Click on Submit and complete the 2FA.
  8. Copy-paste the API Key and API Secret into their respective fields on Lighthouse.
  1. Sign in to your KuCoin account.
  2. Select API management in the drop down tab in the top right corner.
  3. Select create API > Create API-based trading.
  4. In the API name box, enter a name, example “Lighthouse”.
  5. In the API passphrase box, create your passphrase.
  6. Under API restrictions, select general for read-only access. Leave Spot Trading, Margin Trading, Futures Trading boxes unchecked.
  7. Under IP restriction, select Restricted to Trusted IPs Only and add the IPs at the top of this doc page.
  8. For security verification, you’ll need to enter your trading password that you created when you made your KuCoin account.
  9. On the new API pop-up, copy the KuCoin Key and Secret.
  10. Copy-paste the API Key and Secret into their respective fields on Lighthouse.
  11. Enter your passphrase you created earlier.
  1. Log in to OKX.
  2. In the top right corner, select your profile icon and select API from the drop down menu.
  3. Select “Create API Key” and enter a name, for example, “Lighthouse”.
  4. Select API trading and under permissions, check only read.
  5. Add the Lighthouse IPs highlighted at the top of this doc page.
  6. Create a passphrase - you’ll need this when connecting to Lighthouse.
  7. Complete the 2FA & security checks as requested.
  8. Select confirm.
  9. Copy your API key and API secret key, and paste them into the fields in Lighthouse.
  10. Enter your passphrase you created earlier.
  1. Sign in to Coinbase Prime.
  2. On the lower-left corner of the page, click the Gear settings icon.
  3. Click APIs.
  4. Next to Activated Keys, click Create API Key.
  5. In the pop-up window, enter the API NameAccess Type, and Expiration Date.
  6. Click Continue.
  7. Verify your identity with YubiKey.
  8. Under Pending Keys, find your API Key.
  9. Click Activate Key.
  10. Review details in the pop-up window then click Activate API key.
  11. Verify your identity with YubiKey.
The above is directly taken from the official Coinbase Prime docs. Reference this page for further info on rotating keys and for direct Coinbase support.
Log into Circle Mint → Developers → API keys (https://app.circle.com/developer), then:
  1. Select “create an API key”
  2. Enter Name
  3. Select “create API key”
  4. Copy API key
  5. Close the dialog
A View-Only / Restricted API is sufficient to track your Circle Mint account in Lighthouse.
  1. Log in to Gemini. In the top right corner, select account > settings.
  2. On the left-hand menu, select API.
  3. Select create new API key and  primary.
  4. Name your API key, ex. “Lighthouse”.
  5. Under API settings, check the Auditor box.
  6. Copy your API key and API secret.
  7. Select create API key.
  8. Add your API keys into Lighthouse.
  1. Sign in to Aster with your wallet.
  2. Navigate to More > API Management in the top left corner.
  3. Under the Pro API tab click Authorize new API wallet.
  4. Name your API key, ex. “Lighthouse”.
  5. Generate a new API wallet address by using Generate.
  6. Copy your generated private key, shown below the generate input bar.
  7. Under Days Valid select Max.
  8. Save your changes by selecting Authorize at the bottom of the dialog.
  9. Add your newly generated private key and your wallet address to Lighthouse.
  1. Sign in to Extended. In the top left corner, select More > API.
  2. Under the ‘Actions’ column, click on Generate API.
  3. Once API generation is complete, copy the API Key (first value).
  4. In Lighthouse, add a new CEX-Exchange Account from the ‘Accounts’ page.
  5. Select ‘Extended’ as the Exchange.
  6. Paste the previously copied API Key in the API Secret field in Lighthouse. And paste the EVM Address controlling your Extended account as the API Key.
    • Extended API Key → API Secret in Lighthouse.
    • Extended EVM Address → API Key in Lighthouse.
  1. Sign in to Paradex.
  2. After login, in the top right corner, select your account and then Settings > Key Management.
  3. Select Read Only then + Add New Key.
  4. Set Duration to **1 year **and then copy the token
  5. In Lighthouse, add a new CEX-Exchange Account from the ‘Accounts’ page.
  6. Select ‘Paradex’ as the Exchange.
  7. Paste the previously copied token in the Readonly JWT Token field in Lighthouse.
Derive uses a session key authentication model instead of traditional API keys. You create and manage the session key in Derive, then paste the credentials into Lighthouse.
  1. Sign in to Derive and navigate to the Developers page.
  2. Create a Session Key in Derive (or use an existing one).
  3. Copy your Embedded Wallet Address and the Session Key Private Key from Derive.
  4. In Lighthouse, go to Accounts > + Add Account > Exchange account and select Derive.
  5. Paste your Embedded Wallet Address in the Wallet Address field.
  6. Paste the Session Key Private Key in the Private Key field.
  7. Confirm by clicking Add account.
Lighthouse encrypts the private key after submission, but does not generate or recover it for you. Keep your own secure backup of the Derive session key.
Derive tracks margin collaterals (USDC, ETH, wBTC, etc.), perpetual futures positions, and options positions including full Greeks (delta, gamma, theta, vega).