Client Portal Web API 2023 Latest Release Notes

October 2023

Endpoint: /one/acesuser

  • If the IBroker has configured their Broker’s ID, this endpoint will return wbid: “BRKID” for example, which displays a Unique White Branded Identification from the IBroker. If none, it was not configured by the IBroker, wbid will return an empty string.

Endpoint: /iserver/account/orders

  • For client who submit orders via FIX with their own generated ID or custom order ID, will receive their own id in ticket_id. For those didn't generate their own, ticket_id will be auto-generated.

Endpoint: /portfolio/accounts:

  • New account properties, for clients with Crypto permissions, added which will return Crypto Provider, PrepaidCrypto-Z (ZEROHASH) or PrepaidCrypto-P (PAXOS)

Endpoint: /user schema: hasBrokerageAccessInd

  • New property, hasBrokerageAccessInd, which has two possible return value: true or false, to see if a user is connected to a Brokerage Session or not.

Response Example:

{"schema": {

"user": {

"hasBrokerageAccessInd": 1


Three new endpoints /iserver/account/allocation/* to support FA Setup Group Create/Modify/Delete and Allocation Presets

  1. /iserver/account/allocation/accounts

    1. GET /iserver/account/allocation/accounts

  2. /iserver/account/allocation/group

    1. POST /iserver/account/allocation/group

    2. PUT /iserver/account/allocation/group

    3. DELETE /iserver/account/allocation/group

  3. /iserver/account/allocation/presets

    1. GET /iserver/account/allocation/presets

    2. POST /iserver/account/allocation/presets

Two new endpoints /trsrv/event/*

  1. /trsrv/event/categories

    1. Will return a list of CME events categories, economics events categories.

  2. /trsrv/event/binaryoptions

    1. Details of the binaryoptions

Endpoint: /iserver/auth/ssodh/init

  • New property that will return the hardware information such as Machine ID and MAC address. Example: hardward_info: “1ab7d23|A2:B1:C3:15:68

Endpoint: /iserver/reply

  • When the user is prompted with an order question that requires the user to select Accept or Reject, the return response code will return as 200 instead of 500 once a selection is selected, Accept or Reject.


  1. topic sbd+accountId+conid

    1. The FX bid and ask size will return as String with quantity identifier. For example, it previously returned "Ask: 2" for 2000000 and now it will return "Ask: 2M" to show the quantity identifier, 'M'.

  2. topic: smh+conid+{"period":"1d"}

    1. This has been updated to return fractional volume in the "v" volume in data field

April 2023

IBroker accounts query - Dynamic Account

  • IBroker accounts configured with Dynamic Account (DYNACCT) property need to dynamically query and set specific account number using the below 2 endpoints.

    • GET {baseURL}/iserver/account/search/{accountId}

      • Example: GET

    • POST {baseURL}/iserver/dynaccount?acctId={accountId}

      • Example: POST

API Document update: Get details of an alert endpoint

  • GET /iserver/account/alert/{id}?type=Q TACDOC-487 REQUESTED WEBAPI-1029 DONE

    • Required parameters:

      • path parameter

        • id = specify the order_id of the alert

      • query parameter

        • type = specify the type of alert query. Value of "Q" must be specified for querying details of an alert.

API Document update: CP WEB API Authentication via DAM TAC

  • Authentication steps for DAM SSO when using a bearer token to access the CP Web API.

  • Prerequisite: Client System can only test bearer tokens in a production environment, you will need a prod CSID and can test with an associated paper user.

  • Validate & Sign: Client Systems will do the following to get a bearer token to access CP WebAPI:

  • Created the payload like below:

    • { “UID”: "<UserID>", IP: "<IP of the user calling CP WebAPI", CONTEXT: "CP_API" } or

    • { “COUNTERPARTY”: “<counterparty>”, IP: “<IP of the user calling CP WebAPI", CONTEXT: "CP_API" }

  • Generate Token:

    • Encrypt and sign the data above and then do a base64 of that and send as payload below.

    • Call end point /sso/dam/token

  • Use Bearer with CP WebAPI:

    • Base URL:

    • Prod Environment: /v1/alpi

    • Client takes the ACCESS_TOKEN and sends to CP WebAPI as Authorization Header in each and every call, example for /portfolio/accounts

    • CP WebAPI checks if Authorization Header is present. If yes, it should be of format : "Bearer <longJWTokenContainingSSOSession>". It takes the longToken and calls /sso/validate4 as usual. If valid, lets the client continue making other api calls

  • Validate with CP WebAPI:

    • Call end point /sso/validate

Tokens are valid up to 60m. Every time /sso/validate is sent it will extend the token session.


Hash Id: ed4af2592e9dd4a784d5403843bd18292fd441ea

Custom API

  • base URL /v1/tvp

  • TradingView Public Web API Release #1

    • FX Web API

  • Support Multiple iServer MD Subscriptions for One Conid

  • GET /iserver/currency/pairs

    • Obtains available currency pair info for a specific currency

    • Query Param:

      • currency: FX symbol

      • Ex: GET /iserver/currency/pairs?currency=USD

  • GET /iserer/exchangerate

    • Gets the exchange rates of currency pair

    • Query Params:

      • source: Target FX symbol

      • target: Target FX symbol

      • Ex: GET /iserer/exchangerate?source=AUD&target=USD

February 2023

Hash Id: ed4af2592e9dd4a784d5403843bd18292fd441ea

  • Use 4 part twsInfo in conf.json for all web api instances

  • Upgrade to Vert.x 4.3.5

New endpoints

API - will expose user signatures, access rights and account owners.

  • GET /acesws/{accountId}/signatures-and-owners

  • Returns a list of account signatories and owners which should be an object. Example: [ {entityType: Individual | Joint | ORG, name: String}, {entityType: ..., name: ...}]