Not everything requires authentication. SX Bet has three tiers:
Operation
Auth required
Fetch markets, odds, trades, orders
None
Subscribe to WebSocket channels / register a heartbeat
API key
Post, fill, or cancel orders
Private key signature
No Auth — Reading data
API Key — WebSocket & Heartbeat
Private Key — Orders
All REST API endpoints are public. You can fetch markets, orderbooks, trades, fixtures, and more without any credentials. A base rate limit applies to all requests.
# No API key requiredcurl https://api.sx.bet/markets/active
To subscribe to real-time WebSocket channels (live odds updates, order book changes, trade events) or to register and cancel a heartbeat, you need an API key.You can generate an API key from your account settings on sx.bet.SX Bet uses Centrifugo for WebSocket connections. Pass your API key to the /user/realtime-token/api-key endpoint to get a connection token, then supply it via the getToken callback:
import { Centrifuge } from "centrifuge";const RELAYER_URL = "https://api.sx.bet"; // Mainnet — use https://api.toronto.sx.bet for testnetconst WS_URL = "wss://realtime.sx.bet/connection/websocket"; // Mainnet — use wss://realtime.toronto.sx.bet/connection/websocket for testnetasync function fetchToken() { const res = await fetch(`${RELAYER_URL}/user/realtime-token/api-key`, { headers: { "x-api-key": process.env.SX_API_KEY }, }); if (!res.ok) throw new Error(`Token endpoint returned ${res.status}`); const { token } = await res.json(); return token;}const client = new Centrifuge(WS_URL, { getToken: fetchToken,});client.connect();
The getToken function is called automatically on initial connect and whenever the token needs to be refreshed — no manual token management is needed.See the WebSocket Channels overview and Real-time Data for full channel documentation.
Any action that moves funds or modifies your orders requires a cryptographic signature from your wallet’s private key — proof that you — and only you — authorized that specific action. This includes:
Filling orders — taking a position on a market
Posting orders — placing a maker order on the book
Cancelling orders — removing your open orders
Never expose your private key. Store it in a .env file, never commit it to version control, and never share it. Anyone with your private key has full control of your wallet.
