On Monday 10th August we will be invalidating all API tokens for retail customers that were created prior to August 3rd 2020 and do not have at least one IP address or subnet whitelisted.
We want to keep your API keys safe and secure, but we need your help:
We request all Liquid customers to follow the below steps:
Never share API keys with third-party services.
Always whitelist IP addresses or subnets for API access on Liquid.
Instructions can be found in help center, How to whitelist IP addresses for API | Help Center
Store API keys securely to prevent unauthorized access.
What do you need to do?
We request that all retail customers immediately delete their current API tokens and create new ones. When doing so, we encourage you to whitelist either an individual IP address, or an appropriate subnet range.
To further enhance security for Liquid customers, on Monday 10th August we will be invalidating all API tokens for retail customers that were created prior to August 3rd 2020 and do not have at least one IP address or subnet whitelisted.
We will continue to do all we can to keep our customers safe. This includes keeping funds secure and making it extremely difficult for any malicious actor to take over any other person’s account. However, to repeat, we cannot control what happens outside of our exchange platform, including with third-party API services.
If you have any questions or concerns, please visit Help Center and chat to one of our Customer Champions.