Skip to main contentAuthentication
This API uses Bearer token authentication with two access levels:
- Standard Access: Required for most endpoints. Include token in Authorization header as
Bearer <token>
- Extended Access: Required for sensitive financial data. Include enhanced token in Authorization header as
Bearer <token>
Token Lifecycle
- Tokens expire after 1 year from issuance
- Expiration date is included in the token’s
exp claim
- System will return 401 with TOKEN_EXPIRED code when using expired tokens
- Obtain a new token before expiration to ensure uninterrupted access
- No refresh tokens are provided - request a new token when needed
Rate Limiting
- Standard endpoints: 100 requests per minute
- Financial endpoints: 20 requests per minute
Common Error Codes
- 400: Bad Request - Invalid parameters or request format
- 401: Unauthorized - Missing or invalid API key
- 403: Forbidden - Insufficient permissions for the requested resource
- 404: Not Found - Resource doesn’t exist
- 429: Too Many Requests - Rate limit exceeded
- 500: Internal Server Error - Please contact support
