Register Account

Cloud9Trader API > WebSocket API

Authentication

To access private channels you'll need to establish an authenticated socket to wss://sockets.cloud9trader.com/. For this you'll need an API key and secret, which can be generated in the API Access section of your user settings.

Make a note of your secret once generated as it will only be displayed once and be sure to always keep it private.

If you are using the WebSocket API Client Library you simply need to pass the key and secret in the options and the library will handle the rest - no need to read this page further.

Otherwise you'll need to send 3 headers on the initiating HTTP upgrade request: x-c9t-key, x-c9t-nonce and an x-c9t-signature to sign the request.

Note that authenticated sockets must only be used server side and cannot be used from web browsers as this would require publishing your secret key.

Key header x-c9t-key

This should be set to your generated API key, in plain text. You can generate API keys by selecting "API Access" from your user menu.

Cryptographic nonce header x-c9t-nonce

This is an integer set to the current time in milliseconds since the UNIX Epoch time. Ensure that your system clock is accurate. Its purpose is to prevent replay attacks by a malicious party.

Signature header x-c9t-signature

The signature is a hex digest of an HMAC-SHA256 hash built up of the path and nonce using your secret key. Below is sample NodeJS code for generating these headers and initiating a socket that should translate easily enough to other languages. Replace <api-key> and <api-secret> with your values.

const crypto = require("crypto");
const WebSocket = require("ws");

const key = "<api-key>";
const secret = "<api-secret>";

const buffer = Buffer.from(secret, "base64");
const hmac = crypto.createHmac("sha256", buffer);

const path = "/";
const nonce = Date.now().toString(10);

hmac.write(path);
hmac.write(nonce);
hmac.end();

const signature = hmac.read().toString("hex");

const socket = new WebSocket("wss://sockets.cloud9trader.com/", {
    headers: {
        "x-c9t-key": key,
        "x-c9t-nonce": nonce,
        "x-c9t-signature": signature
    }
});

socket.on("open", () => {
    console.info("Cloud9Trader socket connected");
});

Was this page useful? If you find any errors or have any questions please get in touch at support@cloud9trader.com.