Authentication

API keys, scopes, rate limits, and plan tiers

All API requests require a Bearer token in the Authorization header. The same API key works for both REST API and MCP endpoints.

Terminal
curl "https://stage.goldenclaw.sh/api/v1/market/price?exchange=binance&marketType=futures&symbol=BTC/USDT" \
  -H "Authorization: Bearer YOUR_API_KEY"

Creating API Keys

  1. Log in to your GoldenClaw Dashboard
  2. Navigate to API Keys
  3. Click Create New Key
  4. Select the required scopes
  5. Copy and securely store your key

One-time visibility

API keys are displayed only once at creation. If you lose a key, revoke it and create a new one.

Scopes

GoldenClaw uses granular scopes to control API access. Write scopes automatically include read access for the same resource.

ScopeDescriptionFreePlus/Pro
market:readPrices, OHLCV, pairs, symbols, tickers, timeframes
indicators:readTechnical indicator calculations
account:readAccount balance and information
trade:spot:readView spot orders
trade:spot:writePlace/cancel spot orders
trade:futures:readView USD-M futures orders and positions
trade:futures:writePlace/cancel USD-M futures orders
trade:coinm-futures:readView COIN-M futures orders and positions
trade:coinm-futures:writePlace/cancel COIN-M futures orders

Scope Selection Guide

Choose scopes based on your use case:

Use CaseScopes
Market data + indicatorsmarket:read, indicators:read
Read-only portfolio monitoring+ account:read, trade:futures:read
Futures trading+ trade:futures:write
Full access (all markets)All 9 scopes

Good to know

Write scopes (trade:spot:write, trade:futures:write, trade:coinm-futures:write) require a Plus or Pro plan. Free tier includes 6 read-only scopes.

Plan Tiers

For plan limits, quotas, and feature comparison, see Pricing.

Rate Limit Headers

Every response includes rate limit information:

Response Headers
X-RateLimit-Limit: 10000
X-RateLimit-Remaining: 9847
X-RateLimit-Reset: 1741683600

The remaining field is also included in the response body under meta.remaining.

Error Responses

401 Unauthorized

Invalid or missing API key.

{
  "success": false,
  "error": { "code": "UNAUTHORIZED", "message": "Invalid API key" },
  "meta": { "timestamp": 1741683600000 }
}

403 Forbidden

API key lacks the required scope.

{
  "success": false,
  "error": { "code": "FORBIDDEN", "message": "Scope trade:futures:write required" },
  "meta": { "timestamp": 1741683600000 }
}

429 Rate Limited

Monthly request quota exceeded.

{
  "success": false,
  "error": { "code": "RATE_LIMITED", "message": "Rate limit exceeded" },
  "meta": { "timestamp": 1741683600000 }
}

Check X-RateLimit-Reset header for when your quota resets.

Getting Started

Set up your GoldenClaw integration in minutes

API Guide

Request format, response structure, error codes, and endpoint reference

On this page

Creating API KeysScopesScope Selection GuidePlan TiersRate Limit HeadersError Responses401 Unauthorized403 Forbidden429 Rate Limited