Account Updates

Overview

Receive real-time updates for your account activity through authenticated WebSocket connections. After connecting with valid API credentials, subscribe to the private channels you need (orders, balance, positions).

Account update streams require authentication and explicit subscription. Include a valid API key in the WebSocket connection headers (X-API-Key). Timestamp/signature headers are accepted but not enforced.

Available Private Streams

Order Updates

Real-time order status changes and fills

Balance Updates

Account balance changes from trades and transfers

Position Updates

Position changes and profit/loss updates

Account Notifications

Account-level alerts and status updates

Stream Types Overview

Channel	Description	Auto-Enabled	Authentication
`orders`	Order status changes and fills	❌ No (subscribe)	Required
`balance`	Account balance updates	❌ No (subscribe)	Required
`positions`	Position changes and PnL	❌ No (subscribe)	Required
`account`	Account-level notifications	❌ No (subscribe)	Required

Quick Start

Authenticated Connection Setup

const timestamp = Date.now().toString();
const signature = generateHMACSignature(apiSecret, timestamp);

const ws = new WebSocket('wss://ws.roxom.com/ws', [], {
  headers: {
    'X-API-KEY': 'your-api-key',
    'X-API-TIMESTAMP': timestamp,
    'X-API-SIGN': signature
  }
});

ws.onopen = () => {
  ws.send(JSON.stringify({
    op: 'subscribe',
    args: [ { channel: 'orders' }, { channel: 'positions' }, { channel: 'balance' } ]
  }));
};

ws.onmessage = (event) => {
      const data = JSON.parse(event.data);
  
  if (data.event === 'subscribe') return; // subscription ack
  if (data.data && data.data.type === 'order') handleOrderUpdate(data.data);
  if (data.data && data.data.type === 'position') handlePositionUpdate(data.data);
  if (data.data && data.data.type === 'balance') handleBalanceUpdate(data.data);
};

HMAC Signature Generation

function generateHMACSignature(secret, timestamp) {
  const crypto = require('crypto');
  return crypto
    .createHmac('sha256', secret)
    .update(timestamp)
    .digest('base64');
}

Message Format

All account update messages follow a consistent structure:

{
  "type": "order|balance|position|account",
  "data": {
    "accountId": "01234567-89ab-7def-8123-456789abcdef",
    // Type-specific data fields
    "timestamp": 1640995200000000000
  }
}

Common Use Cases

Order Management Systems

Risk Management

Portfolio Monitoring

Algorithmic Trading

Error Handling

Authentication Failed

Connection Timeout

Rate Limiting

Best Practices

State Management

Performance Optimization

Reliability

Authentication Requirements

To access private account streams, you need:

Valid API Credentials: Active API key with appropriate permissions
Proper Signature: HMAC-SHA256 signature of the timestamp
Current Timestamp: Within 30 seconds of server time
Correct Headers: All required authentication headers included

See the Authentication Guide for detailed setup instructions.

Next Steps

Set up Connection Authentication for private streams
Learn about specific Order Update message formats
Explore Balance Update tracking strategies
Review Position Update monitoring techniques

Overview

Connection

Market Data

​Overview

​Available Private Streams

Order Updates

Balance Updates

Position Updates

Account Notifications

​Stream Types Overview

​Quick Start

​Authenticated Connection Setup

​HMAC Signature Generation

​Message Format

​Common Use Cases

​Error Handling

​Best Practices

​Authentication Requirements

​Next Steps

Overview

Available Private Streams

Stream Types Overview

Quick Start

Authenticated Connection Setup

HMAC Signature Generation

Message Format

Common Use Cases

Error Handling

Best Practices

Authentication Requirements

Next Steps