Como conectar uma exchange ao BackFuture AI: chaves API, segurança e teste de conexão
BackFuture AI works through an exchange conexão via API. This means that the usuário’s fundos remain on the exchange account, while o sistema receives only the permissions that the usuário explicitly grants in the chave API.
Supported exchanges
At the current stage, the plataforma is focused on working with MEXC and KuCoin. In the future, the list of conexões can be expanded: Binance, OKX, Bitget, Gate.io, HTX, BingX, Coinbase, Bybit and other exchanges.
General conexão process
- The usuário logs into their exchange account.
- Creates a new chave API.
- Disables permissão de saque.
- Enables only the required permissions: balance reading, order reading and trading.
- Sets an IP restriction if the exchange supports it.
- Copies the API Key and Secret Key.
- Adds the conexão in the BackFuture AI dashboard.
- Runs a conexão test.
- After a successful check, enables the required estratégia or bot.
Required API permissions
| Permission | Needed? | Por que |
|---|---|---|
| Read | ✅ Yes | So o sistema can see balances, orders, positions and status. |
| Trade | ✅ Yes | So the bot can open, add to and close operações. |
| Withdraw | ❌ No | This permission must not be given to a trading bot. |
| Futures | ◐ If needed | Only for estratégias that work with futures. |
| IP whitelist | ✅ Recommended | Restricts key usage to approved server IP addresses. |
Como to name a conexão correctly
In the dashboard, it is better to use clear conexão names. This is especially importante if the usuário has several exchanges, sub-accounts or estratégias.
- MEXC Spot Main — main spot account on MEXC.
- KuCoin Futures Conservative — futures account for a conservative estratégia.
- Recovery PRO Connection — separate conexão for Recovery/PRO logic.
- BTC ETH New Groups — separate conexão for new BTC/ETH grupos.
Step-by-step exemplo
Step 1. Create an chave API on the exchange
In the exchange account, open API Management or API Keys. Usually the exchange asks for a key name and confirms the action through email, phone or 2FA.
Step 2. Set permissions
For a trading conexão, read and operação permissions are usually needed. Withdrawal must be disabled. If the exchange offers separate permissions for spot and futures, enable only the mercado you really plan to use.
Step 3. Add the key to BackFuture AI
In the dashboard, the usuário selects an exchange, enters API Key and Secret Key, sets a conexão name and saves it. Secrets should not be displayed in full after saving.
Step 4. Test the conexão
O sistema checks the key, permissions, balance access and the ability to receive status. If everything is correct, the conexão receives an “Online” or “Connected” status.
Step 5. Enable a estratégia
After the test, the usuário can select pairs, risco level, margem limit, reforço behavior, Recovery Mode and other configurações.
Typical conexão errors
| Error | Cause | O que to do |
|---|---|---|
| Invalid key | chave API or secret was copied incorrectly. | Create a new key or copy the values again. |
| No trading permission | Trade permission is disabled. | Enable trading permission, but keep withdrawal disabled. |
| IP not allowed | IP restriction does not include the server IP. | Add the correct server IP to the exchange whitelist. |
| Exchange unavailable | The exchange API is temporarily unavailable. | Wait and run the test again. |
Security principles
- Never enable permissão de saque for bot chaves API.
- Use separate chaves API for different estratégias.
- Use IP restrictions quando possible.
- Do not show API secrets in full after saving.
- Delete old keys if they are no longer used.
- Use 2FA on the exchange account.
Conclusão
The safest model is quando fundos remain on the usuário’s exchange, and BackFuture AI works only through limited API permissions. This allows the plataforma to automate trading logic without direct access to withdrawals.