getAccount() gives me 401 Unauthorized / Not logged in: Timestamp too far from current time

[ryan-eiv]

Using version 1.1.7

const key = 'apiKeyHere';
const secret = 'apiSecretHere';
const client = new RestClient(key, secret);
await client.getMarkets()  // this works!
await client.getAccount()  // this does NOT WORK

Errors look like this:

{
  code: 401,
  message: 'Unauthorized',
  body: { success: false, error: 'Not logged in' },
  headers: {
    ...
  },
  requestOptions: {
    ...
  }
}

[tiagosiebler]

It's working for me, are you on the latest version? Could it be your API credentials & how you created them?

I've also added an integration test for the method to be sure, and there's no issues in the CI run either: https://github.com/tiagosiebler/ftx-api/pull/74

[chriscappy16]

I'm having the same issue. Banging my head against the wall on this. I get Not logged in: Timestamp too far from current time. I've tried everything I can think

[tiagosiebler]

Timestamp too far from current time

@chriscap-fd this is the key to your problem. The api:secret signing mechanism works with a small window of time before the signature becomes invalid and the request won't be processed/accepted on the server - that is the RECV window.

Usually this error means the time on your machine is not in sync, so the server thinks your request is a lot older than it actually is. The real solution here is to try to fix your machine's time (e.g using something like NTP): https://docs.rackspace.com/support/how-to/using-ntp-to-sync-time/

[chriscappy16]

Appreciate the quick reply. I re-synced. Must have drifted. I manually checked and they were pretty close. FTX must really have tight tolerances. But...that didn't quite get me there. Now I'm getting:

{success: false, error: "Not logged in: Invalid API key"}

I have checked my key and secret upwards of 10 times. Generated a new key just to make sure I wasn't crazy.

[tiagosiebler]

Appreciate the quick reply. I re-synced. Must have drifted. I manually checked and they were pretty close. FTX must really have tight tolerances.

You can configure how tight it is using the 3rd parameter in the rest client: https://github.com/tiagosiebler/ftx-api/blob/master/src/rest-client.ts#L61

The property is called "recv_window" and takes a number in milliseconds, I currently have it set to 5000 (5 seconds) by default.

But...that didn't quite get me there. Now I'm getting:

{success: false, error: "Not logged in: Invalid API key"}

I have checked my key and secret upwards of 10 times. Generated a new key just to make sure I wasn't crazy.

Is this on FTX.com, not the US site? Is it for a specific subaccount only? Are you using IP whitelisting?

[chriscappy16]

I think I just figured it out. I guess this lib defaults to .com and I'm .us. .us uses different headers doesn't it?

[tiagosiebler]

I think I just figured it out. I guess this lib defaults to .com and I'm .us. .us uses different headers doesn't it?

Yes, that'll be it. You can set it to the US version of FTX using the domain property of the rest options. Here's an example: https://github.com/tiagosiebler/ftx-api/blob/master/examples/ftxus.ts#L28

[chriscappy16]

Thanks so much. That did it! Appreciate all your quick help.