Cómo conectar un exchange a BackFuture AI: claves API, seguridad y prueba de conexión
BackFuture AI works through an exchange conexión via API. This means that the usuario’s fondos remain on the exchange account, while el sistema receives only the permissions that the usuario explicitly grants in the clave API.
Supported exchanges
At the current stage, the plataforma is focused on working with MEXC and KuCoin. In the future, the list of conexiones can be expanded: Binance, OKX, Bitget, Gate.io, HTX, BingX, Coinbase, Bybit and other exchanges.
General conexión process
- The usuario logs into their exchange account.
- Creates a new clave API.
- Disables permiso de retiro.
- Enables only the required permissions: balance reading, order reading and trading.
- Sets an IP restriction if the exchange supports it.
- Copies the API Key and Secret Key.
- Adds the conexión in the BackFuture AI dashboard.
- Runs a conexión test.
- After a successful check, enables the required estrategia or bot.
Required API permissions
| Permission | Needed? | Por qué |
|---|---|---|
| Read | ✅ Yes | So el sistema can see balances, orders, positions and estado. |
| Trade | ✅ Yes | So the bot can open, add to and close operaciones. |
| Withdraw | ❌ No | This permission must not be given to a trading bot. |
| Futures | ◐ If needed | Only for estrategias that work with futures. |
| IP whitelist | ✅ Recommended | Restricts key usage to approved server IP addresses. |
Cómo to name a conexión correctly
In the dashboard, it is better to use clear conexión names. This is especially importante if the usuario has several exchanges, sub-accounts or estrategias.
- MEXC Spot Main — main spot account on MEXC.
- KuCoin Futures Conservative — futures account for a conservative estrategia.
- Recovery PRO Connection — separate conexión for Recovery/PRO logic.
- BTC ETH New Groups — separate conexión for new BTC/ETH grupos.
Step-by-step ejemplo
Step 1. Create an clave API on the exchange
In the exchange account, open API Management or API Keys. Usually the exchange asks for a key name and confirms the action through email, phone or 2FA.
Step 2. Set permissions
For a trading conexión, read and operación permissions are usually needed. Withdrawal must be disabled. If the exchange offers separate permissions for spot and futures, enable only the mercado you really plan to use.
Step 3. Add the key to BackFuture AI
In the dashboard, the usuario selects an exchange, enters API Key and Secret Key, sets a conexión name and saves it. Secrets should not be displayed in full after saving.
Step 4. Test the conexión
El sistema checks the key, permissions, balance access and the ability to receive estado. If everything is correct, the conexión receives an “Online” or “Connected” estado.
Step 5. Enable a estrategia
After the test, the usuario can select pairs, riesgo level, margen limit, refuerzo behavior, Recovery Mode and other ajustes.
Typical conexión errors
| Error | Cause | Qué to do |
|---|---|---|
| Invalid key | clave API or secret was copied incorrectly. | Create a new key or copy the values again. |
| No trading permission | Trade permission is disabled. | Enable trading permission, but keep withdrawal disabled. |
| IP not allowed | IP restriction does not include the server IP. | Add the correct server IP to the exchange whitelist. |
| Exchange unavailable | The exchange API is temporarily unavailable. | Wait and run the test again. |
Security principles
- Never enable permiso de retiro for bot claves API.
- Use separate claves API for different estrategias.
- Use IP restrictions cuándo possible.
- Do not show API secrets in full after saving.
- Delete old keys if they are no longer used.
- Use 2FA on the exchange account.
Conclusión
The safest model is cuándo fondos remain on the usuario’s exchange, and BackFuture AI works only through limited API permissions. This allows the plataforma to automate trading logic without direct access to withdrawals.