This guide provides a clear, step-by-step walkthrough for generating your Kraken API key and secret. Whether you're looking to automate your trading strategies or connect your account to a portfolio tracker, setting up API access is a fundamental skill for any active cryptocurrency user.
Why Set Up a Kraken API Key?
An API (Application Programming Interface) key allows different software applications to communicate with each other securely. For Kraken users, this means you can grant approved third-party services permission to access specific account data—such as your balance or trade history—without ever sharing your login credentials. This is crucial for maintaining security while using portfolio tracking tools, tax software, or trading bots.
Key benefits of using a Kraken API include:
- Enhanced Security: Avoid manually exporting and uploading sensitive CSV files.
- Automation: Enable real-time syncing of your trade data.
- Efficiency: Streamline your workflow by connecting to powerful crypto management platforms.
How to Generate Your Kraken API Key
Follow these steps to create your API credentials on the Kraken exchange.
Step 1: Log In and Navigate to API Settings
First, log in to your Kraken account. Once you are on the main dashboard, click on your profile name in the top-right corner. From the dropdown menu, select Settings. In the Settings menu, find and click on the API tab to manage your API keys.
Step 2: Create a New API Key
On the API management page, click the Generate API Key button. You will be prompted to enter a descriptive name for your key (e.g., "Portfolio_Tracker_2025") to help you identify its purpose later.
Step 3: Assign Key Permissions
This is the most critical step for security. Kraken will present you with a list of permissions to grant to this API key. It is a best practice to apply the Principle of Least Privilege—only enable the permissions that are absolutely necessary for the tool you are connecting to.
For most portfolio and tax tracking purposes, you typically only need to enable:
- Query Funds: Allows the service to check your account balances.
- Query Ledger Entries: Permits access to your deposit, withdrawal, and transaction history.
- Query Open Orders & Trades: Grants read-access to your current orders and past trade data.
Crucially, you should almost always AVOID enabling withdrawal permissions for a tracking service, as this is not required for its function and introduces unnecessary risk.
Step 4: Generate and Securely Store Your Credentials
After selecting your permissions, click the generate button. Kraken will then display your API Key and your Private Key. You must copy these and store them in a secure location, such as a password manager. Your private key will only be shown once and cannot be retrieved later. If you lose it, you will need to delete the key and create a new one.
Connecting Your API Key to a Portfolio Tracker
With your API key and secret generated, you can now connect your Kraken account to your chosen platform. The general process is similar across most services.
- Navigate to the "Add Exchange" or "Imports" section of your portfolio tracking platform.
- Select Kraken from the list of supported exchanges.
- You will be asked to paste your Kraken API Key and Private Key into the designated fields.
- Once submitted, the platform will test the connection. If successful, it will begin importing your historical and future trade data automatically.
👉 Explore more strategies for managing your crypto assets
Best Practices for API Key Security
Maintaining robust security around your API keys is non-negotiable. Follow these guidelines to protect your assets:
- Use Strong Permissions: Never grant more access than needed.
- IP Whitelisting (Advanced): For added security, you can restrict your API key to only work from specific IP addresses within the Kraken API settings.
- Regular Audits: Periodically review your active API keys in your Kraken settings and delete any that are no longer in use.
- Never Share Privately: Treat your private key like a password. Never share it publicly or send it over unencrypted channels.
Frequently Asked Questions
What are the main permissions I need for tax or portfolio tracking?
For tracking purposes, you generally only need read-only permissions. Enable "Query Funds," "Query Ledger Entries," and "Query Open Orders & Trades." This allows the service to see your balance and transaction history without any ability to trade or withdraw funds.
Is it safe to give my API key to a third-party service?
It is safe if you follow security best practices. By using an API key with strictly limited permissions (no withdrawal rights), you significantly reduce any risk. The service can only access the data you explicitly permit. Always ensure you are using a reputable and trusted platform.
What should I do if I lose my private API secret?
The private secret cannot be recovered. You must immediately revoke the compromised API key from your Kraken settings dashboard and generate a brand new key pair. This invalidates the old credentials, ensuring no one can use them.
Why is my API connection not syncing any data?
First, double-check that you correctly copied and pasted both the API key and the private key. The most common issue is incorrect permissions; ensure you have granted the necessary "Query" permissions for the data you expect to sync.
Can I use one API key for multiple services?
While technically possible, it is not recommended for security and organizational reasons. It is better to create a unique API key for each service you use. This allows you to customize permissions for each and easily revoke access for one service without affecting others.
How often does the API sync my data?
This depends entirely on the third-party service you connected to. Most reputable portfolio trackers sync data automatically every few hours or at least once per day. Check your platform's documentation or settings for specific sync intervals.