Come collegare un exchange a BackFuture AI: chiavi API, sicurezza e controllo della connessione
BackFuture AI works through an exchange connessione via API. This means that the utente’s fondi remain on the exchange account, while il sistema receives only the permissions that the utente explicitly grants in the chiave API.
Supported exchange
At the current stage, the piattaforma is focused on working with MEXC and KuCoin. In the future, the list of connessioni can be expanded: Binance, OKX, Bitget, Gate.io, HTX, BingX, Coinbase, Bybit and other exchange.
General connessione process
- The utente logs into their exchange account.
- Creates a new chiave API.
- Disables permesso di prelievo.
- Enables only the required permissions: balance reading, order reading and trading.
- Sets an IP restriction if the exchange supports it.
- Copies the API Key and Secret Key.
- Adds the connessione in the BackFuture AI dashboard.
- Runs a connessione test.
- After a successful check, enables the required strategia or bot.
Required API permissions
| Permission | Needed? | Perché |
|---|---|---|
| Read | ✅ Yes | So il sistema can see balances, orders, positions and stato. |
| Trade | ✅ Yes | So the bot can open, add to and close operazioni. |
| Withdraw | ❌ No | This permission must not be given to a trading bot. |
| Futures | ◐ If needed | Only for strategie that work with futures. |
| IP whitelist | ✅ Recommended | Restricts key usage to approved server IP addresses. |
Come to name a connessione correctly
In the dashboard, it is better to use clear connessione names. This is especially importante if the utente has several exchange, sub-accounts or strategie.
- MEXC Spot Main — main spot account on MEXC.
- KuCoin Futures Conservative — futures account for a conservative strategia.
- Recovery PRO Connection — separate connessione for Recovery/PRO logic.
- BTC ETH New Groups — separate connessione for new BTC/ETH gruppi.
Step-by-step esempio
Step 1. Create an chiave API on the exchange
In the exchange account, open API Management or API Keys. Usually the exchange asks for a key name and confirms the action through email, phone or 2FA.
Step 2. Set permissions
For a trading connessione, read and operazione permissions are usually needed. Withdrawal must be disabled. If the exchange offers separate permissions for spot and futures, enable only the mercato you really plan to use.
Step 3. Add the key to BackFuture AI
In the dashboard, the utente selects an exchange, enters API Key and Secret Key, sets a connessione name and saves it. Secrets should not be displayed in full after saving.
Step 4. Test the connessione
Il sistema checks the key, permissions, balance access and the ability to receive stato. If everything is correct, the connessione receives an “Online” or “Connected” stato.
Step 5. Enable a strategia
After the test, the utente can select pairs, rischio level, margine limit, aggiunta behavior, Recovery Mode and other impostazioni.
Typical connessione errors
| Error | Cause | Cosa to do |
|---|---|---|
| Invalid key | chiave API or secret was copied incorrectly. | Create a new key or copy the values again. |
| No trading permission | Trade permission is disabled. | Enable trading permission, but keep withdrawal disabled. |
| IP not allowed | IP restriction does not include the server IP. | Add the correct server IP to the exchange whitelist. |
| Exchange unavailable | The exchange API is temporarily unavailable. | Wait and run the test again. |
Security principles
- Never enable permesso di prelievo for bot chiavi API.
- Use separate chiavi API for different strategie.
- Use IP restrictions quando possible.
- Do not show API secrets in full after saving.
- Delete old keys if they are no longer used.
- Use 2FA on the exchange account.
Conclusione
The safest model is quando fondi remain on the utente’s exchange, and BackFuture AI works only through limited API permissions. This allows the piattaforma to automate trading logic without direct access to withdrawals.