Skip to main content
POST
/
user
/
leverage
Set User Leverage
curl --request POST \
  --url https://api.qfex.com/user/leverage \
  --header 'Content-Type: application/json' \
  --header 'x-qfex-hmac-signature: <api-key>' \
  --header 'x-qfex-nonce: <api-key>' \
  --header 'x-qfex-public-key: <api-key>' \
  --header 'x-qfex-timestamp: <api-key>' \
  --data '
{
  "leverage": 123,
  "symbol": "<string>"
}
'
{
  "leverage": 123,
  "$schema": "<string>"
}

Authorizations

x-qfex-hmac-signature
string
header
required

HMAC-SHA256 signature (hex-encoded).

x-qfex-nonce
string
header
required

Unique request nonce (hex encoded, max 100 characters).

x-qfex-public-key
string
header
required

QFEX API Authentication requires four headers:

  • x-qfex-public-key: Your public API key
  • x-qfex-hmac-signature: HMAC signature of the request (hex encoded)
  • x-qfex-nonce: Unique nonce for the request (hex encoded, max 100 characters)
  • x-qfex-timestamp: Unix timestamp of the request

All four headers are required for authentication.

Signature Generation:

  1. Generate a cryptographically secure random nonce (hex encoded, max 100 characters) and capture the current Unix timestamp.
  2. Build the string ${nonce}:${unix_ts} and compute an HMAC-SHA256 using your secret key.
  3. Hex-encode the HMAC result to get the signature.
  4. Send the auth payload with all four headers. The nonce must be unique within a 15 minute window.

Important: The signature itself must be hex-encoded before being sent in the x-qfex-hmac-signature header.

x-qfex-timestamp
string
header
required

Unix timestamp (seconds since epoch).

Body

application/json
leverage
number<float>
required
symbol
string
required

Response

OK

leverage
number<float>
required
$schema
string<uri>

A URL to the JSON Schema for this object.

Example:

"https://api.qfex.com/schemas/SetUserLeverageResponseBody.json"