Build trading bots, integrate real-time market data, and automate your strategies with our REST and WebSocket APIs.
Access everything programmatically — from live order books to account management. All endpoints return JSON.
Standard HTTPS endpoints for market data, order placement, account management, and historical data. Request-response model ideal for order execution, balance queries, and batch operations.
Base URL: https://api.ironbrand.io/v1
Persistent connections for real-time streaming of order book updates, trade executions, ticker data, and account events. Sub-100ms latency for time-sensitive strategies.
Endpoint: wss://stream.ironbrand.io/v1
All authenticated endpoints require API key headers. Public endpoints (market data) require no authentication.
Returns a list of all active trading pairs with current status, base/quote currencies, and tick size.
24-hour rolling ticker for a specific pair. Returns last price, 24h high/low, volume, bid/ask, and percent change.
Current order book for a pair. Optional depth parameter (default 25, max 500). Returns arrays of [price, quantity] for bids and asks.
Recent public trades for a pair. Returns trade ID, price, quantity, side (buy/sell), and timestamp. Max 1000 per request.
OHLCV candlestick data. Supported intervals: 1m, 5m, 15m, 1h, 4h, 1d, 1w. Returns open, high, low, close, volume, and timestamp.
Place a new order. Supports market, limit, stop-limit, and stop-market order types. Required fields: pair, side, type, quantity. Limit orders also require price.
List your orders. Filter by status (open, filled, cancelled, all), pair, and date range. Paginated with cursor-based pagination.
Cancel a specific open order by ID. Returns the cancelled order object with final status.
Cancel all open orders. Optionally filter by pair to cancel only orders for a specific market.
Returns all asset balances for your account, including available, reserved (in open orders), and total amounts.
Your executed trade history. Filter by pair and date range. Returns fill price, quantity, fee, and side for each trade.
Returns your current fee tier, 30-day trading volume, maker/taker rates, and next tier threshold.
All private endpoints require three headers for authentication. API keys are managed from your account settings.
X-IB-APIKEY: your_api_key
X-IB-SIGNATURE: HMAC-SHA256(secret_key, timestamp + method + path + body)
X-IB-TIMESTAMP: unix_timestamp_in_milliseconds
The signature is computed by concatenating the timestamp, HTTP method (uppercase), request path (including query string), and the request body (empty string for GET requests). This concatenated string is then signed using HMAC-SHA256 with your API secret key. Signatures expire after 30 seconds.
Your public identifier. Include it in the X-IB-APIKEY header with every authenticated request. You can create up to 10 API keys per account.
Used to generate HMAC-SHA256 signatures. Shown only once at creation. Store it securely — if lost, revoke the key and create a new one. Never transmit the secret directly.
Each API key has granular permissions: Read (balances, orders), Trade (place/cancel orders), and Withdraw (requires IP whitelist).
Rate limits protect API stability. Limits are applied per API key and reset on a rolling window.
| Endpoint Category | Rate Limit | Window |
|---|---|---|
| Public Market Data | 60 requests | per minute |
| Private — Read (balances, orders) | 30 requests | per minute |
| Private — Trade (place/cancel) | 15 requests | per second |
| Private — Withdraw | 5 requests | per minute |
| WebSocket Subscriptions | 50 channels | per connection |
Rate limit status is returned in response headers: X-RateLimit-Remaining and X-RateLimit-Reset. VIP traders receive higher limits.
Get started in minutes with these examples for fetching market data and placing orders.
import requests
BASE_URL = "https://api.ironbrand.io/v1"
# Get 24h ticker for BTC-USDT
response = requests.get(f"{BASE_URL}/ticker/BTC-USDT")
ticker = response.json()
print(f"BTC/USDT Last Price: ${ticker['last']:,.2f}")
print(f"24h Volume: {ticker['volume']:,.2f} BTC")
print(f"24h Change: {ticker['change_pct']:+.2f}%")
const BASE_URL = "https://api.ironbrand.io/v1";
// Get 24h ticker for BTC-USDT
const response = await fetch(`${BASE_URL}/ticker/BTC-USDT`);
const ticker = await response.json();
console.log(`BTC/USDT Last Price: $${ticker.last.toLocaleString()}`);
console.log(`24h Volume: ${ticker.volume.toFixed(2)} BTC`);
console.log(`24h Change: ${ticker.change_pct > 0 ? '+' : ''}${ticker.change_pct.toFixed(2)}%`);
import time, hmac, hashlib, json, requests
API_KEY = "your_api_key"
API_SECRET = "your_api_secret"
BASE_URL = "https://api.ironbrand.io/v1"
def sign_request(method, path, body=""):
timestamp = str(int(time.time() * 1000))
message = timestamp + method.upper() + path + body
signature = hmac.new(
API_SECRET.encode(), message.encode(), hashlib.sha256
).hexdigest()
return {
"X-IB-APIKEY": API_KEY,
"X-IB-SIGNATURE": signature,
"X-IB-TIMESTAMP": timestamp,
"Content-Type": "application/json"
}
# Place a limit buy order: 0.1 BTC at $62,000
order = {
"pair": "BTC-USDT",
"side": "buy",
"type": "limit",
"price": "62000.00",
"quantity": "0.1"
}
body = json.dumps(order)
headers = sign_request("POST", "/v1/orders", body)
response = requests.post(f"{BASE_URL}/orders", headers=headers, data=body)
result = response.json()
print(f"Order placed: {result['order_id']}")
print(f"Status: {result['status']}")
import crypto from "crypto";
const API_KEY = "your_api_key";
const API_SECRET = "your_api_secret";
const BASE_URL = "https://api.ironbrand.io/v1";
function signRequest(method, path, body = "") {
const timestamp = Date.now().toString();
const message = timestamp + method.toUpperCase() + path + body;
const signature = crypto
.createHmac("sha256", API_SECRET)
.update(message)
.digest("hex");
return {
"X-IB-APIKEY": API_KEY,
"X-IB-SIGNATURE": signature,
"X-IB-TIMESTAMP": timestamp,
"Content-Type": "application/json"
};
}
// Place a limit buy order: 0.1 BTC at $62,000
const order = {
pair: "BTC-USDT",
side: "buy",
type: "limit",
price: "62000.00",
quantity: "0.1"
};
const body = JSON.stringify(order);
const headers = signRequest("POST", "/v1/orders", body);
const response = await fetch(`${BASE_URL}/orders`, {
method: "POST", headers, body
});
const result = await response.json();
console.log(`Order placed: ${result.order_id}`);
console.log(`Status: ${result.status}`);
import asyncio, websockets, json
async def stream_trades():
uri = "wss://stream.ironbrand.io/v1"
async with websockets.connect(uri) as ws:
# Subscribe to BTC-USDT trades channel
await ws.send(json.dumps({
"action": "subscribe",
"channels": ["trades:BTC-USDT", "trades:ETH-USDT"]
}))
async for message in ws:
data = json.loads(message)
if data["type"] == "trade":
trade = data["data"]
print(f"{trade['pair']} | {trade['side'].upper()} "
f"{trade['quantity']} @ ${trade['price']:,.2f}")
asyncio.run(stream_trades())
const ws = new WebSocket("wss://stream.ironbrand.io/v1");
ws.onopen = () => {
// Subscribe to BTC-USDT and ETH-USDT trades
ws.send(JSON.stringify({
action: "subscribe",
channels: ["trades:BTC-USDT", "trades:ETH-USDT"]
}));
};
ws.onmessage = (event) => {
const data = JSON.parse(event.data);
if (data.type === "trade") {
const { pair, side, quantity, price } = data.data;
console.log(`${pair} | ${side.toUpperCase()} ${quantity} @ $${price.toLocaleString()}`);
}
};
ws.onerror = (err) => console.error("WebSocket error:", err);
Subscribe to one or more channels per connection. All messages are JSON-encoded.
trades:{pair} — Real-time trade executionsorderbook:{pair} — Order book updates (L2, diff)ticker:{pair} — 1-second ticker snapshotscandles:{pair}:{interval} — Live candlestick updatesaccount:orders — Your order status updatesaccount:fills — Your trade fills in real timeaccount:balances — Balance changes on fill or depositPrivate channels require sending an auth message with your API key and signature after connecting.
Complete API reference with interactive examples, SDKs for Python/Node.js/Go, and sandbox environment for testing.