Skip to content


Welcome to the Qredo API suite v1.

Work in progress

As of Q3 2022, Qredo API v1 is being rolled out. The first services launched and their respective documentation are a work in progress and subject to updates.


To use the Qredo API v1, you must have a:

API introduction

Qredo Services provide a standard RESTful web service that uses HTTPS and exchanges JSON-formatted data, i.e., the content type of requests (where applicable) and responses is application/json.

API environments and Base URLs

Two API environments are available: API Production environment and API Sandbox.


Production is the live environment.

Production base URL:


The experience in the Sandbox is very similar to that on Production. However, you can only use Testnet assets in the Sandbox.

Sandbox base URL:


The header of every API request must contain your API key and API secret. The API key authenticates your API user, and the secret is used to sign and encrypt every API request.

Further information

See Generate API key and secret and Sign API calls.

API timestamps

All API timestamps are in Unix Epoch format.

API requests

The API requests use standard HTTP methods: GET, PUT, POST, and DELETE. Every request submitted to the API must be signed and encrypted using the HMAC-SHA256 hashing algorithm. This provides request integrity and adds a security layer in terms of authorization with the API service.

Request headers

All API resources use the same header format.

With every API request, you must supply the following headers:

Header Description
accept: application/json All payloads are in JSON
qredo-api-sig The unique signature generated for each API request (including the JSON payload where applicable)
qredo-api-ts The signature timestamp
qredo-api-key The API key as generated by the user in the Qredo Web App

Request examples

In the API specification, requests are presented as curl requests, e.g.:

curl -X GET

The body of each request (if applicable) is presented as uncompressed JSON.

API responses

Responses use standard HTTP codes to indicate status and errors. Data is returned in JSON format unless the endpoint specifically serves to provide a specialized payload, e.g., .csv.

Response examples

In the API specification, the return data in each response is presented as formatted JSON. For example, the return body of GET /balance is structured as follows:

  "assets": [
      "BTC": {
        "total": 1000,
        "available": 980,
        "pendingIn": 20,
        "pendingOut": 0,
        "scale": 1
      "ETH": {
        "total": 2000,
        "available": 1500,
        "pendingIn": 500,
        "pendingOut": 0,
        "scale": 1

Personal vs. Organizational accounts

Qredo API v1 responses are returned on a by-key basis. For example, you may be linked to one (or more) Organizations via your Personal Qredo account. However, the Qredo API v1 returns data according to the API key used, i.e., each call is specific to one account.

If you use a Personal account API key, your API call returns data regarding that Personal account. Similarly, when you are using the API key of an Organizational account, all details and API actions relate to that Organizational account only.

Granular control

API keys may provide a level of access below the account level. Such granular access is a key component of the customizable nature of Qredo's custody layer.

Last update: 2022-12-14