EXMO
Connect EXMO
Sign in to connect your exchange and track your portfolio automatically
About EXMO
EXMO is a European exchange that supports both crypto-to-crypto and crypto-to-fiat transactions with competitive trading fees. The platform complies with KYC and AML regulations and serves over 2 million users across Europe, Asia, and beyond.
EXMO offers a variety of features, including spot trading, the Earn Program for passive income, ready-made Crypto Bundles, and tiered Premium packages that provide fixed Maker and Taker fee discounts from 15% to 100%. The exchange provides a user-friendly experience through its web interface and mobile apps for Android and iOS.
API access is also available for advanced trading operations
Editorial summary aggregated from CoinGecko and CoinMarketCap exchange profiles for EXMO, an exchange operating since 2014.
EXMO at a Glance
Key facts about EXMO compiled from verified market data and CoinGecko's exchange registry. These metrics help you evaluate liquidity, regulatory footprint and operational maturity before connecting a portfolio.
- Trust Score
- 7/10
- Rank #77
- 24h Volume (normalized)
- 1.2K BTC
- Available in
- 1 jurisdictions
- Poland
- Operating since
- 2014
- 12 years
- Trading incentives
- Not offered
- CCXT integration
- Supported
- exmo
- Data source
- CoinGecko exchange registry
Trading access & integration
EXMO is wired into Mantapex through the CCXT integration layer, so importing balances and trade history into a read-only portfolio requires an API key and a secret that you generate inside your own EXMO account. Because Mantapex never custodies your funds, the keys you create should be scoped to read access only — withdrawal, transfer and trading permissions are unnecessary for portfolio tracking and should remain disabled. The trust score and rank shown in the Quick Facts above are sourced from CoinGecko's exchange framework, which blends reported liquidity, web traffic patterns, regulatory posture and API health into a single signal — useful when comparing EXMO to peer venues, but never a substitute for your own due diligence. The headquarters jurisdiction shown above determines the regulatory framework, KYC tier and product mix EXMO can offer a given user, and that scope can change as licensing evolves. Verify eligibility and the local terms of service on the official site before opening an account. The operating history reflected above means there is a comparatively deep public trail of incidents, audits, fee schedules and product launches you can review when sizing EXMO against newer venues.
Connection metadata is read directly from Mantapex's CCXT integration manifest — credential requirements reflect what EXMO itself exposes to read-only API consumers and may evolve as the venue updates its API.
Getting Started with EXMO
1. Hover over your account in the upper right corner of your user interface. In the drop-down menu, click on the “Settings” section.
2. On the profile settings page select API.
3. In the new window press the “Create API key” button.
4. In the next window enter a name of your API key and choose the permissions.
5. Then you will see your key data.
Note: The Secret Key is displayed only once.
6. To activate your API key pair, follow the link that was sent to your email address. If you have followed all the steps, your API key will be activated and be ready to use. For your convenience, all your API keys are stored in the API Keys list.
Account, custody & security on EXMO
EXMO operates as a custodial trading venue: when you fund an account, the deposited assets are held in wallets controlled by the exchange and credited to your balance as a book-entry until you withdraw them. That trade-off — convenience and order-book liquidity in exchange for counterparty risk — is the central design choice of every centralised exchange and is what makes platform-level security so important to evaluate. EXMO has been running its custody and matching infrastructure since 2014, which gives it 12 years of operational track record for users to review when judging incident history, fund-recovery policy and any insurance or reserve-fund coverage.
Almost every major centralised exchange — including EXMO — operates under some form of KYC ("Know Your Customer") and AML ("Anti-Money-Laundering") obligations imposed by the jurisdiction it serves. EXMO is reported with its operating entity in Poland, so its baseline KYC programme follows that jurisdiction's rules — additional verification may still be requested for higher-tier withdrawal or fiat-on-ramp limits, and access to specific products can be restricted depending on where the user resides. Expect to provide a government-issued ID document and a recent proof-of-address at minimum; higher verification tiers may add liveness checks, source-of-funds questionnaires and accredited-investor confirmations.
For the specific case of connecting EXMO to Mantapex, the additional hardening layer is straightforward: generate a dedicated API key for read-only portfolio sync, label it clearly (for example "Mantapex read-only sync"), disable every permission except the minimum the exchange exposes for balance and trade-history queries, and store the secret in a password manager so you can rotate it on a schedule. If EXMO supports IP whitelisting and you connect from a stable address, restrict the key to that address. If you ever stop using Mantapex — or any other third-party dashboard — revoke the key on the exchange side rather than just deleting it from the dashboard, because the credential continues to authenticate against EXMO's API until EXMO itself invalidates it.
How to connect any exchange securely
Enable two-factor authentication on the exchange account itself before generating any API keys. The strongest options are hardware security keys (FIDO2 / WebAuthn devices such as YubiKey or Solo) where supported, followed by an authenticator app on a dedicated device (Aegis, Raivo, 1Password, or Google Authenticator); SMS-based 2FA is the weakest common method because of SIM-swap risk. Keep the recovery phrase or backup codes in offline cold storage rather than the same password manager you sign in with. Where the venue offers a withdrawal-address whitelist, turn it on: it shrinks the blast radius of a stolen key or hijacked session because funds can only leave to a pre-approved address after a cool-down. Pair that with anti-phishing codes, a dedicated email account, and alerts for new logins, withdrawal requests and API-key creation — most exchange-related losses originate from compromised individual accounts, not platform-wide breaches.
Security guidance on this page is generic exchange hardening that applies to every centralised crypto venue. For EXMO's exchange-specific policies — fund-segregation model, proof-of-reserves cadence, insurance coverage and incident-response history — the canonical references are EXMO's own Help Centre and any audit reports or attestations the venue publishes directly.
API access details for EXMO
Connecting EXMO as a read-only portfolio source on Mantapex relies on the credentials defined by EXMO's own API. The matrix below mirrors exactly what the CCXT integration layer asks for — ticked rows mean the field is required to authenticate, untouched rows mean EXMO doesn't ask for that field at all.
In short, EXMO requires 2 credentials to authenticate API requests: API key and API secret. All of these are generated from inside the exchange's own dashboard — Mantapex never asks you to share your account password or to set up an API key with withdrawal permissions enabled.
When you create the key on EXMO for use with Mantapex, restrict its permissions to read-only access (sometimes labelled "view", "read", "query" or "info"). Mantapex only needs to fetch balances, trade history and open positions. Withdrawal, trade-execution and transfer scopes should remain disabled. If EXMO offers a granular permission model, the safest combination is: enable "Read" or "View", disable "Trade" or "Spot trade", disable "Withdraw" or "Universal Transfer", and leave any margin / futures permission switched off unless you specifically want those positions visible inside your portfolio dashboard.
Some exchanges — Binance, OKX, Bybit, Bitget, KuCoin and several Asia-Pacific venues — offer an optional IP whitelist when you create the API key. Leaving the whitelist empty lets the key authenticate from any address, which is the simplest setup for use with a cloud-hosted dashboard such as Mantapex. If EXMO forces you to enter at least one IP and you don't have a static address, you can usually use a placeholder value the exchange recognises (for example "0.0.0.0/0" or the wildcard option) — consult EXMO's API documentation before relying on that workaround. Either way, the credentials remain in a read-only scope and cannot be used to move funds off the venue.
Credential schema sourced directly from the CCXT integration manifest used by Mantapex. EXMO may rotate or extend its API in the future — if the exchange asks for a credential not listed here when you create the key, you can safely ignore it for the purpose of a read-only Mantapex import.
Official resources & community for EXMO
The links below point to first-party EXMO properties. We track them so you can verify announcements, support channels and operator-published policies directly at the source rather than from third-party copies. External destinations open in a new tab and are marked nofollow per our resource-link policy.
Related exchanges & comparisons
Top exchanges by trust score
Peer sets sourced from CoinGecko's trust-score ranking and CCXT's exchange manifest. Inclusion here is not an endorsement — it simply means Mantapex tracks the venue with current trust / volume data.
Data Disclaimer
Exchange data is sourced from third-party providers and may not reflect real-time conditions.
Your Exchange Portfolio — Free Forever
Connect read-only API keys to see balances, orders & trade history. Mix with wallets, Polymarket & Kalshi — one portfolio for everything.