Authentication
All VecTrade API requests require authentication with your VecTrade API key.
Use X-API-Key as the primary header for hosted/public API traffic.
Some direct deployments also accept Authorization: Bearer vq_..., but X-API-Key is the stable default.
API keys follow the format vq_ followed by a random string:
X-API-Key: vq_aaJFCQFZpv8BZU_RuLLAHlXP_Md3A55GhNeVtnn3Ykk
Making Authenticated Requests
cURL
curl -H "X-API-Key: $VECTRADE_API_KEY" \
https://api.vectrade.io/v1/vq/quotes/AAPL
Alternative header form (when supported by your deployment):
curl -H "Authorization: Bearer $VECTRADE_API_KEY" \
https://api.vectrade.io/v1/vq/quotes/AAPL
Python SDK
from vectrade import VecTrade
# Reads VECTRADE_API_KEY from environment automatically
client = VecTrade()
# Or pass explicitly
client = VecTrade(api_key="vq_your_key_here")
TypeScript SDK
import { VecTrade } from "@vectrade/sdk";
// Reads VECTRADE_API_KEY from environment
const client = new VecTrade();
// Or pass explicitly
const client = new VecTrade({ apiKey: "vq_your_key_here" });
Never hardcode API keys in source code. Use environment variables or secret managers.
Key Security Best Practices
- Rotate regularly — Generate new keys and revoke old ones monthly
- Use scoped keys — Create keys with minimum required permissions
- Separate environments — Use different keys for dev/staging/production
- Monitor usage — Check the dashboard for unexpected activity
- Use secrets managers — Store keys in Vault, AWS Secrets Manager, etc.
Key Permissions (Scopes)
| Scope | Access |
|---|
quotes:read | Real-time and historical quotes |
fundamentals:read | Company financials, profiles, and statements |
technicals:read | Technical indicators and scoring |
news:read | Financial news articles |
analyst:read | Analyst consensus, price targets, ratings |
earnings:read | Earnings history and calendar |
insider:read | Insider trading activity |
options:read | Options chain data |
sentiment:read | Market sentiment data |
etf:read | ETF profiles and holdings |
Error Responses
Missing or invalid keys return 401 Unauthorized:
{
"error": {
"type": "authentication_error",
"message": "Missing or invalid API key",
"docs_url": "https://docs.vectrade.io/guides/authentication"
}
}
Insufficient permissions return 403 Forbidden:
{
"error": {
"type": "permission_error",
"message": "API key does not have permission. Required scope: ai:read"
}
}
SDK Error Handling
from vectrade import VecTrade, AuthenticationError
try:
client = VecTrade(api_key="invalid_key")
client.quotes.get("AAPL")
except AuthenticationError as e:
print(f"Auth failed: {e.message}")
print(f"Request ID: {e.request_id}")