Never share an API passphrase, seed phrase, or security key with anyone.
What is an API key?
You can think of an API Key like a password. It stands for Application Programming Interface and it’s a way for an app or website to verify you are who you say you are, and that you have access to data retained within an account. Most cryptocurrency exchanges allow you to generate and API key to share your transaction information with a third-party application like CoinTracker.
Unlike most passwords we use every day, an API key is randomly generated and you are unable to edit it after it's been created. Some API keys can are intended for single-use while others are used to maintain a steady flow of data between two applications.
Why does CoinTracker need my API Key?
When connecting certain exchanges (such as Gemini, Binance, or Coinbase Pro), Cointracker will require an API key. We will only ever require read/view access and never write, trade, or transfer access. Approach any application requesting write access with caution.
To illustrate how this digital handshake works, imagine you are connecting your Coinbase Pro account to your CoinTracker Account. A read/view access API key will allow Coinbase Pro to authorize your ownership and allow your transaction data to sync to CoinTracker in real-time.
Is it secure?
Yes, API technology is very secure, but you must take the necessary precautions to store API key information in a secure location, such as an encrypted file or password manager/vault application. You can always revoke any access to an API key by editing it within the account it was generated from.
As a reminder, CoinTracker will never ask your for a passphrase, seed phrase, or write/trade/transfer access to any exchange or connected wallet. You can learn more about CoinTracker Security Best Practices here.