Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/tiagosiebler/binance/llms.txt

Use this file to discover all available pages before exploring further.

The Binance SDK is primarily designed for Node.js, but it can also run in browser environments. The SDK uses isomorphic-ws for WebSocket support, which means WebSocket connections work natively in both Node.js and browsers without any polyfill. For REST API calls the picture is more nuanced — most authenticated endpoints are not usable directly from a browser, but public market data endpoints work fine, and you can proxy private calls through a backend server.

Two Approaches

The SDK ships a pre-built UMD bundle in the dist/ directory. This bundle is compiled with webpack and is ready to drop into a <script> tag or import in a browser environment without needing a build step.
<!-- Load the pre-built bundle -->
<script src="node_modules/binance/dist/binanceapi.js"></script>
<script>
  const { MainClient } = binanceapi;

  const client = new MainClient();

  client.getSymbolPriceTicker({ symbol: 'BTCUSDT' })
    .then(ticker => console.log('BTC price:', ticker.price))
    .catch(console.error);
</script>
The pre-built bundle exposes all SDK exports under the binanceapi global variable, as configured by the webpack library setting.

CORS and Authenticated REST Calls

Never expose your Binance API keys in frontend code. API keys embedded in browser JavaScript are publicly visible to anyone who inspects your page source. Anyone with your keys can trade on your account, drain balances, or trigger withdrawals (if withdrawal permission is enabled).
Binance does not support browser-based authenticated REST calls for most endpoints. Even if you were willing to expose your API keys (which you should not be), Binance’s servers do not send the necessary CORS headers to allow cross-origin authenticated requests from browser origins.
For private REST API calls — account data, order placement, balance queries, and anything else that requires authentication — you must route requests through a backend proxy server that holds the API keys server-side. The browser sends requests to your own backend, your backend adds the API key and signature, and your backend forwards the request to Binance.
A simple proxy approach: 
Browser  →  Your Backend (Node.js)  →  Binance REST API

             Holds API keys securely
Your backend can use this same SDK with full authentication, while your frontend only calls your own API endpoints.

What Does Work in the Browser

While authenticated REST calls should go through a backend proxy, the following scenarios work directly from a browser:

Public market data (REST)

Unauthenticated REST calls — price tickers, order books, exchange info, candlesticks, and other public endpoints — work from a browser if Binance sends CORS headers for those endpoints.

WebSocket streams

All public WebSocket market data streams work from a browser. The SDK uses isomorphic-ws, which uses the browser’s native WebSocket API automatically. Private user data WebSocket streams are also possible if you obtain a listen key via your backend proxy.

Browser WebSocket Example

import { WebsocketClient, WS_KEY_MAP } from 'binance';

const ws = new WebsocketClient({
  beautify: true,
});

ws.on('open', ({ wsKey, wsUrl }) => {
  console.log('Connected:', wsKey, wsUrl);
});

ws.on('formattedMessage', (data) => {
  // Real-time trade updates
  console.log('Trade update:', data);
});

ws.on('exception', console.error);
ws.on('reconnecting', ({ wsKey }) => console.warn('Reconnecting:', wsKey));
ws.on('reconnected', ({ wsKey }) => console.info('Reconnected:', wsKey));

// Subscribe to public streams — no API key needed
ws.subscribe(
  ['btcusdt@trade', 'btcusdt@bookTicker', 'btcusdt@kline_1m'],
  WS_KEY_MAP.main,
);

Node.js Features Unavailable in Browsers

The webpack bundle automatically handles the most important differences between Node.js and browser environments, but be aware of the following limitations when targeting browsers:
The keepAlive and keepAliveMsecs options in RestClientOptions use Node.js’s https.Agent, which is not available in browsers. The webpack config sets https: false as a fallback, so these options are silently ignored in browser builds. Browser connection pooling is handled natively by the browser itself.
Binance WebSocket events sometimes include very large integers (e.g. order IDs) that exceed JavaScript’s Number.MAX_SAFE_INTEGER. In Node.js you can use BigInt or custom JSON parsers. In browsers, the same limitation applies. If precision matters, provide a customParseJSONFn that converts affected fields to strings.
const ws = new WebsocketClient({
  customParseJSONFn: (rawEvent) => {
    // Convert orderId values to strings to preserve precision
    return JSON.parse(
      rawEvent.replace(/"orderId":\s*(\d+)/g, '"orderId":"$1"')
    );
  },
});
process.env is not available in browser environments. Use your bundler’s environment variable injection (e.g. import.meta.env in Vite, or DefinePlugin in webpack) to inject configuration at build time — but only for non-secret values. Never inject API keys at build time.

Build docs developers (and LLMs) love

Get started for freeTalk to us