View Source

We have Public API Documentation on Postman! Postman is a common tool for building, testing and writing documentation for APIs.

We have also included an example file for you to experiment with.

Current API Endpoints

Our API collection provides a range of endpoints corresponding to different resources and functionalities within the platform. The following are currently available.

User

GET /user: returns the user, confirming that the API key works and who it is for.

Asset & Price Data

GET /api/assets: Retrieve a list of available assets
GET /api/assets/prices: Retrieve detailed information about a specific market.
GET /api/assets/close: Retrieve the recent close price of assets

Orders

GET /api/orders: Retrieve a collection of company orders matching filter parameters
POST /api/order: Place a new order.
GET /api/orders/{order_ULID}: Retrieve a single order record.

Trades

GET /api/trades: Retrieves a collection of company trades matching filter parameters
GET /api/trade/{trade_ulid}: Retrieve a single trade record.

Market Information

GET /api/market/trades: Retrieve the data for all trades by all companies on the market for up to 24 hours.

Request and Response Formats

Requests

Headers:
- Content-Type: application/json for endpoints accepting data.
- Authorization: Bearer <API_KEY> for authenticated requests.
Body:
- For endpoints that accept data (e.g., POST, PATCH), the request body must be in JSON format, containing the relevant attributes for the resource being created or updated.

Responses

Body:
- All successful responses will return data in JSON format.
- The structure of the response will depend on the endpoint but will typically include attributes of the resource(s) being retrieved or a confirmation of the action taken.

Authentication for API Access

The API will employ a secure authentication mechanism using API keys to ensure that only authorized users can access the API. The authentication process will be as follows:

API Key Generation:
- API keys can be generated through the user's account settings in the platform's UI. Keys can be issued at a company level or for individual users, depending on the required scope of access.
API Key Usage:
- To authenticate an API request, the user must include their API key in the Authorization header as a bearer token.
Security Measures:
- All API requests must be sent over HTTPS to ensure the security of data in transit.
- Rate limiting and other security measures are implemented to protect the API from abuse and to ensure the stability of the platform.