Skip to main content

Authentication

All VecTrade API requests require authentication with your VecTrade API key. Use X-API-Key as the primary header for hosted/public API traffic. Some direct deployments also accept Authorization: Bearer vq_..., but X-API-Key is the stable default.

API Key Format

API keys follow the format vq_ followed by a random string:
X-API-Key: vq_aaJFCQFZpv8BZU_RuLLAHlXP_Md3A55GhNeVtnn3Ykk

Making Authenticated Requests

cURL

curl -H "X-API-Key: $VECTRADE_API_KEY" \
  https://api.vectrade.io/v1/vq/quotes/AAPL
Alternative header form (when supported by your deployment):
curl -H "Authorization: Bearer $VECTRADE_API_KEY" \
  https://api.vectrade.io/v1/vq/quotes/AAPL

Python SDK

from vectrade import VecTrade

# Reads VECTRADE_API_KEY from environment automatically
client = VecTrade()

# Or pass explicitly
client = VecTrade(api_key="vq_your_key_here")

TypeScript SDK

import { VecTrade } from "@vectrade/sdk";

// Reads VECTRADE_API_KEY from environment
const client = new VecTrade();

// Or pass explicitly
const client = new VecTrade({ apiKey: "vq_your_key_here" });
Never hardcode API keys in source code. Use environment variables or secret managers.

Key Security Best Practices

  1. Rotate regularly — Generate new keys and revoke old ones monthly
  2. Use scoped keys — Create keys with minimum required permissions
  3. Separate environments — Use different keys for dev/staging/production
  4. Monitor usage — Check the dashboard for unexpected activity
  5. Use secrets managers — Store keys in Vault, AWS Secrets Manager, etc.

Key Permissions (Scopes)

ScopeAccess
quotes:readReal-time and historical quotes
fundamentals:readCompany financials, profiles, and statements
technicals:readTechnical indicators and scoring
news:readFinancial news articles
analyst:readAnalyst consensus, price targets, ratings
earnings:readEarnings history and calendar
insider:readInsider trading activity
options:readOptions chain data
sentiment:readMarket sentiment data
etf:readETF profiles and holdings

Error Responses

Missing or invalid keys return 401 Unauthorized:
{
  "error": {
    "type": "authentication_error",
    "message": "Missing or invalid API key",
    "docs_url": "https://docs.vectrade.io/guides/authentication"
  }
}
Insufficient permissions return 403 Forbidden:
{
  "error": {
    "type": "permission_error",
    "message": "API key does not have permission. Required scope: ai:read"
  }
}

SDK Error Handling

from vectrade import VecTrade, AuthenticationError

try:
    client = VecTrade(api_key="invalid_key")
    client.quotes.get("AAPL")
except AuthenticationError as e:
    print(f"Auth failed: {e.message}")
    print(f"Request ID: {e.request_id}")