Connecte Binance à ton trading bot

Why Binance

Binance is the deepest order book in crypto. For most majors you will get sub-bp slippage on retail-sized orders, and CCXT support is first-class — every endpoint Noon Barbari uses has been battle-tested for years. The trade-off is rate limits: Binance is unforgiving on weight per minute, so you should not poll the API outside what the strategy actually needs.

Binance is not available to US residents. If you are in the US, use Binance.US (a separate API) or Kraken / Coinbase Advanced Trade.

Before you start

Make sure your account is fully verified — Binance gates API key creation behind Identity Verified status. Enable 2FA with an authenticator app (Google Authenticator, Authy, or a hardware key). SMS 2FA alone is not enough; Binance now requires authenticator app or passkey to create trading keys.

If you plan to whitelist Noon Barbari's IP, also add a withdrawal address whitelist on your account — it does not block API trading but makes any rogue withdraw flat-out impossible.

Create the API key

1. Log in at binance.com and open Profile (top-right) → Account → API Management.
2. Click Create API. Choose System generated (HMAC-SHA256) — this is the standard secret-based key. If you prefer asymmetric keys, pick Ed25519 instead and Noon Barbari supports both.
3. Give it a memorable label, e.g. noon-barbari-live.
4. Complete the 2FA challenge.
5. Binance shows the API Key and Secret Key once and only once. Copy them straight into your password manager — you cannot retrieve the secret again.

Set the right permissions

On the new key, click Edit restrictions and configure:

• ✅ Enable Reading — required, always.
• ✅ Enable Spot & Margin Trading — required if the strategy trades spot.
• ✅ Enable Futures — required only if your strategy uses USDT-M or COIN-M futures.
• ❌ Enable Withdrawals — leave OFF. Noon Barbari never needs this.
• ❌ Permits Universal Transfer — leave OFF unless you specifically need cross-account transfers.

Save changes and complete the 2FA challenge.

IP whitelist

Strongly recommended. Click Restrict access to trusted IPs only and add Noon Barbari's egress IP:

51.38.112.198

Binance lets you list multiple IPs comma-separated; if you also run scripts from home, add that IP too. A whitelisted key cannot be used from anywhere else even if both the API key and secret leak.

51.38.112.198

Paste keys into Noon Barbari

Once the API key is created, copy the public key and the secret into Noon Barbari from the Profile → Exchange keys section of your account. Keys are encrypted at rest with a per-user envelope key and only decrypted in memory while a strategy run is active — they never leave the worker that needs them.

If the exchange issues a third value (passphrase, API memo, sub-account label), there will be a dedicated field for it. Save the form and the dashboard will run a lightweight balance query to confirm the credentials work.

Test the connection

Noon Barbari will issue a single read-only balance request the moment you save the key. A green tick means the credentials authenticated and your permission scopes match what the strategy needs. A red error usually points to one of four things: wrong key/secret pair, missing permission, IP whitelist mismatch, or 2FA grace period not yet expired.

Once green, run a small paper trade for a day before flipping a strategy to live. Real execution exposes you to fees, partial fills, and slippage that paper mode cannot replicate.

Security tips

Treat exchange API keys like SSH keys to a production server — rotate them on a schedule and revoke them the moment you no longer need them.

1. Never grant withdraw — Noon Barbari only needs read + trade. A key without withdraw cannot move funds out of your account, no matter who steals it.
2. Use a sub-account if your exchange supports them — isolates the bot's capital from your spot stack and your manual trading.
3. Enable IP whitelist even when the exchange does not require it.
4. Rotate keys every 90 days — set a calendar reminder. The exchange's UI will let you create a new key and revoke the old one in the same session.
5. Enable exchange-side alerts for new API keys, failed logins, and large orders so you find out about a compromise within minutes, not days.

Pièges fréquents

• Pasting the API Key into the Secret field — they look similar in length. Always copy from your password manager, not the Binance UI.
• Forgetting to enable Futures permission, then wondering why a USDT-M strategy hangs at Insufficient permissions.
• Whitelisting an IP, then changing it without updating the exchange — your strategy will start returning -2015 Invalid API key.
• Hitting the per-minute request weight cap when running many strategies on one key. Spread strategies across multiple keys, or upgrade to a higher Binance VIP tier.
• Storing the secret in plain text on disk. If you must paste it more than once, paste it into a password manager first.

Dépannage

• I get -2015 Invalid API-key, IP, or permissions for action.

  Three possibilities: the secret is wrong, the IP whitelist excludes Noon Barbari's egress, or the key lacks the permission your strategy needs. Re-check the whitelisted IP, confirm the secret in your password manager, and re-enable the right permission scope on the Binance side.

• My orders are rejected with code -2010 (insufficient balance).

  Either the balance really is short, or the strategy is trading the wrong wallet — Binance separates Spot, Margin, USDT-M, and COIN-M wallets. Move funds with Wallet → Transfer to match the wallet your strategy targets.

• Code -1021 Timestamp for this request is outside of the recvWindow.

  Server clock drift. Noon Barbari syncs via NTP automatically; if you see this only when local-testing, run sudo timedatectl set-ntp true (Linux) or enable automatic time on your host.

• Can I use Binance.US instead?

  Yes — it is a separate API, separate KYC, and a separate exchange entity in CCXT. Use the binanceus connector when configuring keys. Liquidity is materially lower than global Binance, so factor that into slippage assumptions.

• Does Noon Barbari support Ed25519 API keys?

  Yes. Pick Ed25519 when creating the key on Binance, paste the public + private key, and the platform signs requests with the asymmetric variant. Ed25519 keys cannot be downgraded to HMAC, so keep the original secret backup.