Een exchange verbinden met BackFuture AI: API-sleutels, beveiliging en verbindingscontrole
BackFuture AI works through an exchange verbinding via API. This means that the gebruiker’s middelen remain on the exchange account, while het systeem receives only the permissions that the gebruiker explicitly grants in the API-sleutel.
Supported exchanges
At the current stage, the platform is focused on working with MEXC and KuCoin. In the future, the list of verbindingen can be expanded: Binance, OKX, Bitget, Gate.io, HTX, BingX, Coinbase, Bybit and other exchanges.
General verbinding process
- The gebruiker logs into their exchange account.
- Creates a new API-sleutel.
- Disables opnamerechten.
- Enables only the required permissions: balance reading, order reading and trading.
- Sets an IP restriction if the exchange supports it.
- Copies the API Key and Secret Key.
- Adds the verbinding in the BackFuture AI dashboard.
- Runs a verbinding test.
- After a successful check, enables the required strategie or bot.
Required API permissions
| Permission | Needed? | Waarom |
|---|---|---|
| Read | ✅ Yes | So het systeem can see balances, orders, positions and status. |
| Trade | ✅ Yes | So the bot can open, add to and close trades. |
| Withdraw | ❌ No | This permission must not be given to a trading bot. |
| Futures | ◐ If needed | Only for strategieën that work with futures. |
| IP whitelist | ✅ Recommended | Restricts key usage to approved server IP addresses. |
Hoe to name a verbinding correctly
In the dashboard, it is better to use clear verbinding names. This is especially belangrijk if the gebruiker has several exchanges, sub-accounts or strategieën.
- MEXC Spot Main — main spot account on MEXC.
- KuCoin Futures Conservative — futures account for a conservative strategie.
- Recovery PRO Connection — separate verbinding for Recovery/PRO logic.
- BTC ETH New Groups — separate verbinding for new BTC/ETH groepen.
Step-by-step voorbeeld
Step 1. Create an API-sleutel on the exchange
In the exchange account, open API Management or API Keys. Usually the exchange asks for a key name and confirms the action through email, phone or 2FA.
Step 2. Set permissions
For a trading verbinding, read and trade permissions are usually needed. Withdrawal must be disabled. If the exchange offers separate permissions for spot and futures, enable only the markt you really plan to use.
Step 3. Add the key to BackFuture AI
In the dashboard, the gebruiker selects an exchange, enters API Key and Secret Key, sets a verbinding name and saves it. Secrets should not be displayed in full after saving.
Step 4. Test the verbinding
Het systeem checks the key, permissions, balance access and the ability to receive status. If everything is correct, the verbinding receives an “Online” or “Connected” status.
Step 5. Enable a strategie
After the test, the gebruiker can select pairs, risico level, marge limit, bijkoop behavior, Recovery Mode and other instellingen.
Typical verbinding errors
| Error | Cause | Wat to do |
|---|---|---|
| Invalid key | API-sleutel or secret was copied incorrectly. | Create a new key or copy the values again. |
| No trading permission | Trade permission is disabled. | Enable trading permission, but keep withdrawal disabled. |
| IP not allowed | IP restriction does not include the server IP. | Add the correct server IP to the exchange whitelist. |
| Exchange unavailable | The exchange API is temporarily unavailable. | Wait and run the test again. |
Security principles
- Never enable opnamerechten for bot API-sleutels.
- Use separate API-sleutels for different strategieën.
- Use IP restrictions wanneer possible.
- Do not show API secrets in full after saving.
- Delete old keys if they are no longer used.
- Use 2FA on the exchange account.
Conclusie
The safest model is wanneer middelen remain on the gebruiker’s exchange, and BackFuture AI works only through limited API permissions. This allows the platform to automate trading logic without direct access to withdrawals.