TradeZone |TradeZone — Professional Crypto Exchange

MT4 / MT5 API Integration Guide

Connect your MetaTrader 4 or MetaTrader 5 Expert Advisor directly to TradeZone using our secure REST API. All requests are authenticated with HMAC-SHA256 — the same standard used by major exchanges.

Quick Start

1Generate an API key — go to My API Keys, create a key and enable the forex permission.

2Download the EA — click a link below to get the pre-built Expert Advisor template.

3Install in MT4/MT5 — copy the .mq4 / .mq5 file into your MetaEditor Experts folder and compile.

4Allow WebRequest — in MT4/MT5 go to Tools → Options → Expert Advisors and add tradezone.forex to the allowed URLs list.

5Configure inputs — set ServerURL, ApiKey, and ApiSecret in the EA input panel.

⬇ Download TradeZone_MT4.mq4 ⬇ Download TradeZone_MT5.mq5

Base URL & Authentication

All API endpoints are under:

https://tradezone.forex/index.php/api/Forex/

Every authenticated request must include these HTTP headers (or equivalent GET/POST parameters):

Header	Value
X-API-KEY	Your API key string
X-TIMESTAMP	Current Unix timestamp (UTC, seconds)
X-SIGNATURE	HMAC-SHA256 of `timestamp + METHOD + path + body` using your API secret

Signature Example (pseudo-code)

timestamp = unix_time_utc()
message   = timestamp + "POST" + "/index.php/api/Forex/open" + request_body
signature = HMAC_SHA256(api_secret, message)   // lowercase hex

The EA template handles all signing automatically. If you are building your own client, use the pattern above.

Endpoints

GET/ping — Server health check (no auth required)

{"status":1,"data":"ok","ts":1744200000}

GET/price?symbol=EURUSD — Live bid/ask for a symbol

Symbol format: MT4/MT5 style (EURUSD) or OANDA style (EUR_USD). Both accepted.

{"status":1,"data":{"bid":1.08432,"ask":1.08451,"mid":1.08442,"spread":1.9,"spread_pips":1.9,"tradeable":true,"source":"oanda"}}

GET/account — Account equity and margin summary auth

{"status":1,"data":{"balance":10000.00,"equity":10234.50,"used_margin":500.00,"free_margin":9734.50,"margin_level":2046.9,"open_pnl":234.50}}

GET/positions — Open positions auth

{"status":1,"data":[{"id":42,"symbol":"EUR_USD","direction":"buy","units":10000,"entry_price":1.08400,"profit":34.50,...}]}

POST/open — Open a position or place a pending order auth

Parameter	Type		Description
symbol	string	req	e.g. `EURUSD` or `EUR_USD`
direction	string	req	`buy` or `sell`
units	integer	req	Number of units (1,000 = 0.01 lot for EUR/USD)
leverage	integer	req	e.g. `100` (capped to pair maximum)
sl_price	float	opt	Stop-loss price (0 = none)
tp_price	float	opt	Take-profit price (0 = none)
order_type	string	opt	`limit` or `stop` for pending orders
trigger_price	float	opt	Required when `order_type` is set

POST/close — Close an open position (fully or partially) auth

Parameter	Type		Description
position_id	integer	req	ID from `/positions`
units	float	opt	Units to close (omit for full close)

POST/modify — Update SL/TP on an open position auth

Parameter	Type		Description
position_id	integer	req	Open position ID
sl_price	float	opt	New stop-loss price (0 = remove)
tp_price	float	opt	New take-profit price (0 = remove)

Symbol Reference

The API accepts both MT4/MT5 format (EURUSD) and OANDA format (EUR_USD).

MT4/MT5	TradeZone API	Category
EURUSD	EUR_USD	Forex
GBPUSD	GBP_USD	Forex
USDJPY	USD_JPY	Forex
AUDUSD	AUD_USD	Forex
USDCHF	USD_CHF	Forex
USDCAD	USD_CAD	Forex
NZDUSD	NZD_USD	Forex
EURGBP	EUR_GBP	Forex
EURJPY	EUR_JPY	Forex
GBPJPY	GBP_JPY	Forex
XAUUSD	XAU_USD	Metals (Gold)
XAGUSD	XAG_USD	Metals (Silver)
US30	US30_USD	Indices (Dow Jones)
SPX500	SPX500_USD	Indices (S&P 500)
NAS100	NAS100_USD	Indices (NASDAQ)

Response Format

All responses are JSON. status: 1 = success, status: 0 = error.

{
  "status": 0,
  "info":   "Insufficient free margin. Required: $500.00, Available: $120.30"
}

Security Notes

API keys are account-scoped — each key can only act on the account it belongs to.
Timestamps older than ±300 seconds are rejected (replay attack prevention).
Your API secret is never transmitted — only the HMAC signature is sent.
Negative Balance Protection is enforced server-side — you can never lose more than your deposited margin.
Rate limit: 60 requests/minute per API key.

Need help? Contact support@tradezone.forex or open the live chat on the bottom right.