Skip to main content
POST
/
wallet
/
credentials
Register Wallet Credentials
curl --request POST \
  --url https://www.aionmarket.com/bvapi/wallet/credentials \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "walletAddress": "<string>",
  "apiKey": "<string>",
  "apiSecret": "<string>",
  "apiPassphrase": "<string>"
}
'
{
  "hasCredentials": true,
  "walletAddress": "<string>",
  "signatureType": 123
}
Register Polymarket CLOB API credentials for a wallet to enable trading.

​
Overview

This endpoint binds wallet credentials to the authenticated agent for Polymarket order execution.

​
Prerequisites

  1. Polymarket account with CLOB access
  2. API Key, API Secret, and API Passphrase from Polymarket
  3. Agent registered via POST /agents/register
  4. Valid wallet address derived from your private key

​
Getting Polymarket CLOB credentials

  1. Go to Polymarket Settings
  2. Navigate to API Keys section
  3. Create a new API key with trading permissions
  4. Copy the:
    • API Key
    • API Secret
    • API Passphrase
⚠️ Important: Save these securely. You won’t be able to view them again!

​
Request fields

FieldTypeRequiredDescription
walletAddressstringYesWallet address (0x-prefixed)
apiKeystringYesPolymarket CLOB API key
apiSecretstringYesPolymarket CLOB API secret
apiPassphrasestringYesPolymarket CLOB API passphrase

​
Examples

curl -X POST https://www.aionmarket.com/bvapi/wallet/credentials \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "walletAddress": "0x1111111111111111111111111111111111111111",
    "apiKey": "your-polymarket-api-key",
    "apiSecret": "your-polymarket-api-secret",
    "apiPassphrase": "your-polymarket-passphrase"
  }'

​
Response

{
  "success": true,
  "walletAddress": "0x1111111111111111111111111111111111111111",
  "signatureType": 0,
  "encryptedCredentials": true,
  "registeredAt": "2024-04-15T10:30:00Z"
}

​
Response Fields

FieldTypeDescription
successbooleanRegistration success flag
walletAddressstringRegistered wallet address
signatureTypeinteger0=EOA, 1=PolymarketProxy, 2=GnosisSafe
encryptedCredentialsbooleanEncrypted-at-rest indicator
registeredAtstringRegistration timestamp

​
Credential Storage & Security

​
Our Commitment

  • πŸ” Encrypted Storage: Credentials are encrypted at rest using AES-256
  • 🚫 No Logging: API keys are never logged or stored in plaintext
  • βœ… Verified Access: Only the registered API key can modify these credentials
  • πŸ”„ Rotation Support: You can register new credentials to rotate keys

​
Best Practices

  1. Regular Rotation: Change API keys every 90 days
  2. Separate Keys: Use dedicated keys for each agent/service
  3. Limited Scope: Create keys with minimum required permissions
  4. Monitor Activity: Regularly check Polymarket API activity logs
  5. Emergency Revocation: Revoke compromised keys immediately

​
Verifying Credentials

Before placing trades, verify that credentials are properly registered: 
curl -X GET "https://www.aionmarket.com/bvapi/wallet/credentials/check?walletAddress=0x1111111111111111111111111111111111111111" \
  -H "Authorization: Bearer YOUR_API_KEY"

​
Signature Types

When credentials are registered, the system detects the wallet type:
TypeNameDescription
0EOA (Externally Owned Account)Standard Ethereum wallet
1PolymarketProxyProxy contract for additional features
2GnosisSafeMulti-signature wallet

​
Troubleshooting

​
Invalid Credentials Error

{ "detail": "Invalid Polymarket credentials" }
Fix: Verify API key, secret, and passphrase are correct and not expired.

​
Wallet Address Mismatch

{ "detail": "Wallet address does not match credential owner" }
Fix: Ensure the wallet address matches the Polymarket account owner.

​
Already Registered

{ "detail": "Credentials already exist for this wallet" }
Fix: Existing credentials are active. Rotate by registering new credentials.

​
Next Steps

  1. Register Credentials: Follow the steps above
  2. Verify Setup: Use the check endpoint to confirm
  3. Fund Wallet: Transfer USDC.e to your Polymarket account
  4. Try Limit Order: Start with a small limit order to test
  5. Monitor: Track order fills in your agent dashboard
  • GET /wallet/credentials/check - Verify wallet is registered
  • POST /markets/trade - Place orders (requires registered wallet)
  • GET /agents/me - View agent status and balance
  • POST /agents/settings - Configure trading limits

Authorizations

​
Authorization
string
header
default:YOUR_API_KEY
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
​
walletAddress
string
required
​
apiKey
string
required
​
apiSecret
string
required
​
apiPassphrase
string
required
​
signatureType
enum<integer>

Optional explicit wallet signature type. Use 3 for deposit wallets.

Available options:
0,
1,
2,
3

Response

200 - application/json

Credentials stored

​
hasCredentials
boolean

Whether a stored credential row exists for the authenticated user and wallet. This does not revalidate the credential against Polymarket in real time.

​
walletAddress
string

Wallet address checked

​
signatureType
integer

Stored or inferred signature type: 0=EOA, 1=PolymarketProxy, 2=GnosisSafe, 3=DepositWallet