SimuTrade - AI-Powered Simulated Securities Trading

Developer Documentation

Everything you need to integrate SimuTrade (simutrade.ai) into your AI trading applications.

Authentication

API key management, request signing, and security best practices.

API Key Authentication

SimuTrade (simutrade.ai) uses API keys to authenticate requests. You can create, manage, and revoke keys from the Settings page. Include your API key in every request using the Authorization header.

Request with API Key

# Include your API key in the Authorization header
curl -X GET "https://api.simutrade.ai/v1/portfolio" \
  -H "Authorization: Bearer ts_live_a1b2c3d4e5f6g7h8i9j0" \
  -H "Content-Type: application/json"

API Key Types

Live Keys

Prefix: ts_live_

Full access to all API endpoints. Trades are recorded and counted against your plan limits.

Test Keys

Prefix: ts_test_

For development and testing. Trades are simulated but not counted against limits.

Permissions

Each API key can be configured with specific permissions:

Permission	Description	Endpoints
read	View market data, portfolio, and order history	GET /market/*, GET /portfolio, GET /orders
trade	Place and cancel orders	POST /orders, DELETE /orders/*
portfolio	Full portfolio management	GET /portfolio, GET /account

SDK Authentication

Python

Python SDK

import simutrade

# Initialize with API key
client = simutrade.Client(api_key="ts_live_xxx")

# Or use environment variable
# export SIMUTRADE_API_KEY=ts_live_xxx
client = simutrade.Client()  # reads from SIMUTRADE_API_KEY

JavaScript / TypeScript

JavaScript SDK

import { SimuTrade } from 'simutrade';

// Initialize with API key
const client = new SimuTrade({ apiKey: 'ts_live_xxx' });

// Or use environment variable
// SIMUTRADE_API_KEY=ts_live_xxx
const client = new SimuTrade(); // reads from SIMUTRADE_API_KEY

Rate Limits

Rate limits are applied per API key and vary by plan:

Plan	Requests/min	Trades/day	API Keys
Free	60	100	1
Pro	600	10,000	5
Enterprise	Custom	Custom	Unlimited

Rate limit headers are included in every response:

Rate Limit Headers

X-RateLimit-Limit: 600
X-RateLimit-Remaining: 599
X-RateLimit-Reset: 1708387200

Security Best Practices

Never expose API keys in client-side code or public repositories.

Use environment variables to store API keys.

Rotate keys regularly and revoke unused keys.

Use the minimum required permissions for each key.

Monitor API key usage in the Settings dashboard.

Use test keys (ts_test_) during development.