# Roles Gemini uses a role-based system for private API endpoints so that you can separate privileges for your API keys. By assigning different roles to different API keys, you can create: 1. One API key that can trade, and 2. Another API key that can withdraw digital assets, or 3. An API key to have access to read-only endpoints You can configure which roles are assigned to your API keys by logging in to the Gemini Exchange website and going to API Settings to configure your API keys.
When you create an API key, the Trader role is assigned by default.
If you try to access an endpoint that requires a role you did not assign to your API key, you will get back a response with: - `403` status - a JSON response body with: - `reason` set to `MissingRole`, and - `message` explaining what role you need to add to your API key to use this endpoint See [Error Codes](/error-codes#error-codes) for more information about API error responses. ## Administrator
The Administrator role is exclusive to Master API keys.
Assigning the Administrator role to an API key allows this API key to: Create accounts within the Master Group View accounts within the Master Group ### Trader Assigning the Trader role to an API key allows this API key to: - Check balances - Place and cancel orders - Check the status of orders - See all deposit addresses - See all active orders - See your trade history and volume - View accounts within the Master Group ### Fund Manager Assigning the Fund Manager role to an API key allows this API key to: - Check balances - See all deposit addresses - Request new cryptocurrency deposit addresses - Withdraw cryptocurrency funds - View accounts within the Master Group - Execute internal transfers between two accounts within the same Master group ## Auditor
The Auditor role is read-only and cannot be combined with other roles.
Assigning the Auditor role to an API key allows this API key to: - Check balances - Check the status of orders - See transfers such as deposits and withdrawals - See all deposit addresses - See all active orders - See trade volume - See past trades - View accounts within the Master Group ### Endpoint summary Here's a summary of which role you need to assign to your API key to use each endpoint in the API: #### Account Scoped Endpoints
Endpoint URI Trader can access? Fund Manager can access? Auditor can access?
[Create New Order](/rest/orders#create-new-order) `/v1/order/new`
[Cancel Order](/rest/orders#cancel-order) `/v1/order/cancel`
[Cancel All Session Orders](/rest/orders#cancel-all-session-orders) `/v1/order/cancel/session`
[Cancel All Active Orders](/rest/orders#cancel-all-active-orders) `/v1/order/cancel/all`
[Wrap Order](/rest/orders#wrap-order) `/v1/wrap/:symbol`
[Order Status](/rest/orders#get-order-status) `/v1/order/status`
[Get Active Orders](/rest/orders#list-active-orders) `/v1/orders`
[List Past Trades](/rest/orders#list-past-trades) `/v1/mytrades`
[Get Orders History](/rest/orders#list-past-orders) `/v1/orders/history`
[Get Trade Volume](/rest/orders#get-trading-volume) `/v1/tradevolume`
[Get Notional Volume](/rest/orders#get-notional-trading-volume) `/v1/notionalvolume`
[Heartbeat](/rest/session#heartbeat) `/v1/heartbeat`
[Get Available Balances](/rest/fund-management#get-available-balances) `/v1/balances`
[Get Notional Balances](/rest/fund-management#get-notional-balances) `v1/notionalbalances/:currency`
[Get Deposit Addresses](/rest/fund-management#list-deposit-addresses) `/v1/addresses/:network`
[New Deposit Address](/rest/fund-management#create-new-deposit-address) `/v1/deposit/:network/newAddress`
[Transfers](/rest/fund-management#list-past-transfers) `/v1/transfers`
[Custody Account Fees](/rest/fund-management#list-custody-fee-transfers) `/v1/custodyaccountfees`
[Withdraw Crypto Funds](/rest/fund-management#withdraw-crypto-funds) `/v1/withdraw/:currency`
[New Clearing Order](/rest/clearing#create-new-clearing-order) `/v1/clearing/new`
[Clearing Order Status](/rest/clearing#get-clearing-order) `/v1/clearing/status`
[Cancel Clearing Order](/rest/clearing#cancel-clearing-order) `/v1/clearing/cancel`
[Confirm Clearing Order](/rest/clearing#confirm-clearing-order) `/v1/clearing/confirm`
[Clearing Order List](/rest/clearing#list-clearing-orders) `/v1/clearing/list`
[Clearing Broker List](/rest/clearing#list-clearing-brokers) `/v1/clearing/broker/list`
[Clearing Trades](/rest/clearing#list-clearing-trades) `/v1/clearing/trades`
[Get Instant Quote](/rest/instant#get-instant-quote) `/v1/instant/quote`
[Execute Instant Order](/rest/instant#execute-instant-order) `/v1/instant/execute`
[Add A Bank](/rest/fund-management#add-bank) `/v1/payments/addbank`
[Add A Bank CAD](/rest/fund-management#add-bank-cad) `/v1/payments/addbank/cad`
[View Payment Methods](/rest/fund-management#list-payment-methods) `/v1/payments/methods`
[Account Detail](/rest/account-administration#get-account-detail) `/v1/account`
[List Approved Addresses](/rest/fund-management#list-approved-addresses) `/v1/approvedAddresses/account/:network`
[Create Approved Address](/rest/fund-management#create-new-approved-address) `/v1/approvedAddresses/:network/request`
[Remove Approved Address](/rest/fund-management#remove-approved-address) `/v1/approvedAddresses/:network/remove`
[FX Rate](/rest/market-data#fx-rate) `/v2/fxrate/:symbol/:timestamp`
#### Master Scoped Endpoints
Endpoint URI Administrator can access? Trader can access? Fund Manager can access? Auditor can access?
[Create Account](/rest/account-administration#create-new-account) `/v1/account/create`
[Rename Account](/rest/account-administration#rename-account) `/v1/account/rename`
[Get Accounts](/rest/account-administration#list-accounts-in-group) `/v1/account/list`
[Transfer Between Accounts](/rest/fund-management#transfer-between-accounts) `/v1/account/transfer/:currency`
[Transactions](/rest/fund-management#get-transaction-history) `/v1/transactions`
Master level API keys can access Account level endpoints if the proper role is assigned. The account will need to be passed in the payload of the request as detailed [Using Master API Keys](/account-admin-endpoints#using-master-api-keys).