Request Access to all APIs for your accounts
Access to all APIs has been available for several weeks now but it has finally been officially announced.
The access can be requested through the DARWINs --> DARWIN API
We are offering two different ways to access the APIs:
- Generic Access to DARWIN data APIs
- Access to all the APIs for your account
Generic Access to DARWIN data APIs
This is the more simple access. An access token with a long expiration time is provided and it is enough for accessing the DARWIN Info API, DARWIN Quotes API and the QuoteWebSocket. The token is granted for your user and it does not allowed to access any info related to your investor accounts. It only provides access for you to info about DARWINs.
Access to all the APIs for your account
This access allows the usage of all your investor accounts for DEMO or for LIVE (each environment has different tokens) for all the APIs. Therefore, it allows not only to analyze data related to DARWINs but also information about your investor accounts or raising orders in DARWINs, allowing to have an automated portfolio strategy.
The generation of this token will ask you to confirm the access by providing your darwinex password again in the redirection appearing after clicking on “Generate Token” button. In technical terms, this access is being requesting by using the OAuth2 Authorization Code Grant Flow, slightly simplified.
In this case, the authentication through the redirection will appear in the history of logins in the Settings --> Account Information of your account as “Login (DARWIN API)”
In this case the Access Token provided has a brief expiration time of 1 hour. But this token can be “refreshed” by using the OAuth2 Refresh Token grant, retrieving new access token and refresh token valid for another hour every time it is requested. There is a brief explanation of the refresh token grant here: https://help.darwinex.com/api-walkthrough#refresh3
Your bot will require the consumer key, consumer secret and current refresh token.
The “Cancel All Token” button
This option will delete all configuration raised for your access to the APIs, revoking all tokens provided and not allowing to use the consumer key / consumer secret provided again. Use this button in case you think your credentials have been exposed.