setup.cash
Broker API Connections
Professional setup for direct broker APIs and MetaTrader bridge.
Quick start
- Open Settings → Trading → Broker API Keys.
- Select your broker and enter API credentials exactly as issued by your broker.
- Save the key, then click Test. Keep live trading kill switch ON until tests pass.
- For MetaTrader, use the dedicated EA pairing flow at Connect MetaTrader.
Provider matrix
This matrix shows supported authentication tests and execution capabilities in the current release.
| Provider | Category | Auth / API | SDK | Required credentials | Practice / Sandbox | Connection test | Automated strategy live | Manual live flows |
|---|---|---|---|---|---|---|---|---|
OANDA Docs | forex | API_KEY · REST | Official REST v20 docs Open SDK/docs | OANDA API Token + OANDA Account Number | Yes | Yes | Enabled | Enabled |
MetaTrader Bridge Docs | bridge | BRIDGE · REST + WEBSOCKET | MQL5 Docs Open SDK/docs | MetaTrader Password + MetaTrader Login / Account ID | Yes | Yes | Not yet | Enabled |
Binance Docs | crypto | HMAC · REST + WEBSOCKET | Binance Connector Node (@binance/connector) Open SDK/docs | API Key + API Secret | Yes | Yes | Not yet | Planned |
Coinbase Exchange Docs | crypto | HMAC · REST + WEBSOCKET | Coinbase Exchange API docs Open SDK/docs | API Key + API Secret (base64) + API Passphrase | Yes | Yes | Not yet | Planned |
Kraken Docs | crypto | HMAC · REST + WEBSOCKET | Kraken API docs Open SDK/docs | API Key + API Secret (base64) | No | Yes | Not yet | Planned |
Bybit Docs | crypto | HMAC · REST + WEBSOCKET | Bybit V5 API docs Open SDK/docs | API Key + API Secret | Yes | Yes | Not yet | Planned |
OKX Docs | crypto | HMAC · REST + WEBSOCKET | OKX API docs Open SDK/docs | API Key + API Secret + Passphrase | Yes | Yes | Not yet | Planned |
KuCoin Docs | crypto | HMAC · REST + WEBSOCKET | KuCoin API docs Open SDK/docs | API Key + API Secret + Passphrase | Yes | Yes | Not yet | Planned |
Bitget Docs | crypto | HMAC · REST + WEBSOCKET | Bitget API docs Open SDK/docs | API Key + API Secret + Passphrase | No | Yes | Not yet | Planned |
Gate Docs | crypto | HMAC · REST + WEBSOCKET | Gate API docs Open SDK/docs | API Key + API Secret | No | Yes | Not yet | Planned |
MEXC Docs | crypto | HMAC · REST + WEBSOCKET | MEXC API docs Open SDK/docs | API Key + API Secret | No | Yes | Not yet | Planned |
Alpaca Docs | stocks | API_KEY · REST + WEBSOCKET | Alpaca JS SDK (@alpacahq/alpaca-trade-api) Open SDK/docs | API Key ID + API Secret Key | Yes | Yes | Not yet | Planned |
Deribit Docs | crypto | HMAC · REST + WEBSOCKET | Deribit API docs Open SDK/docs | Client ID + Client Secret | Yes | Yes | Not yet | Planned |
Tradier Docs | stocks | API_KEY · REST | Tradier API docs Open SDK/docs | Access Token | Yes | Yes | Not yet | Planned |
Crypto.com Exchange Docs | crypto | HMAC · REST + WEBSOCKET | Crypto.com Exchange API docs Open SDK/docs | API Key + API Secret | Yes | No | Not yet | Planned |
IG Docs | forex | SESSION_TOKEN · REST | IG Labs API docs Open SDK/docs | IG API Key + IG Password + IG Username / Identifier | Yes | No | Not yet | Planned |
FXCM Docs | forex | SESSION_TOKEN · REST + WEBSOCKET | FXCM REST docs Open SDK/docs | FXCM API Token | Yes | No | Not yet | Planned |
Saxo OpenAPI Docs | forex | OAUTH2 · REST + WEBSOCKET | Saxo OpenAPI docs Open SDK/docs | OAuth Client ID + OAuth Client Secret | Yes | No | Not yet | Planned |
Interactive Brokers Docs | stocks | SESSION_TOKEN · REST + WEBSOCKET | IBKR Client Portal API docs Open SDK/docs | Gateway Session / API Key | Yes | No | Not yet | Planned |
TradeStation Docs | stocks | OAUTH2 · REST + WEBSOCKET | TradeStation API docs Open SDK/docs | OAuth Client ID + OAuth Client Secret | Yes | No | Not yet | Planned |
cTrader Open API Docs | bridge | OAUTH2 · REST + WEBSOCKET | cTrader Open API docs Open SDK/docs | Client ID + Client Secret | Yes | No | Not yet | Planned |
Bitfinex Docs | crypto | HMAC · REST + WEBSOCKET | Bitfinex API docs Open SDK/docs | API Key + API Secret | No | Yes | Not yet | Planned |
Bitstamp Docs | crypto | HMAC · REST | Bitstamp API docs Open SDK/docs | API Key + API Secret | No | Yes | Not yet | Planned |
Gemini Docs | crypto | HMAC · REST + WEBSOCKET | Gemini API docs Open SDK/docs | API Key + API Secret | Yes | Yes | Not yet | Planned |
Other | other | API_KEY · REST | Docs only | API Key / Token | No | No | Not yet | Planned |
Operational checklist
- Generate API keys with minimum scopes first, then add trade permissions only when needed.
- Whitelist only setup.cash server IPs if your broker supports IP restrictions.
- Keep one key per environment per broker (practice and live separated).
- Rotate keys immediately if tests fail with permission errors after previously succeeding.
- Review audit logs in broker portal and disable unused keys monthly.