API reference
/
REST API
/
Reference data
/
Get list of assets

REST API (1.0.1)

Welcome to the Integral REST API reference.

Our REST API is for less latency-sensitive participants and has resource-oriented URLs, accepts JSON-encoded requests, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

Contact Integral’s account management team to get connection details and credentials for access.

Authentication options

You can choose between two authentication methods:

Token-based authentication

An ID and password will be issued to you to generate and refresh/renew an access token. All REST API calls should pass this token to access authenticated services.

Get token

Users should use /v2/sso/login to get an access token. The access token is in SSO_TOKEN of the response header. Your token is valid for a limited time.

Pass token

The token should be sent in SSO_TOKEN of request headers.

Renew token

To keep your session alive, you can renew your token with /sso/tokens/renew. If your token is expired, you are issued a new token.

HMAC authentication

In this authentication method, you must sign each API request with a 'secret'. The 'secret' and 'userId' are issued to you during set up.

All REST requests must contain following header information:

Header attribute Description
AuthorizationThe base64-encoded signature.
DateA date and time as standard UTC string.
DigestSHA-256=base64(sha256(<body>)) If there is no request body, Digest should be set to the digest of a body of 0 length.
typeSet to hmac.

You must send an authorization header with the following parameterization:

credentials := "hmac" params
params := userId "," algorithm ", " headers ", " signature
userId := "username" "=" plain-string
algorithm := "algorithm" "=" DQUOTE (hmac-sha256) DQUOTE
headers := "headers" "=" plain-string
signature := "signature" "=" plain-string
plain-string   = DQUOTE *( %x20-21 / %x23-5B / %x5D-7E ) DQUOTE

Signature parameters

Parameter Description
usernameThe ID of the credential.
algorithmDigital signature algorithm used to create the signature. You should use hmac-sha256.
headersList of HTTP header names, separated by a single space character, used to sign the request.
signatureBase64 encoded digital signature generated by the client.

Sample authorization header

Authorization: hmac userId="user2@XCN1139",
  algorithm="hmac-sha256",
  headers="date content-type content-length",
  signature="XWL1oxJsbC4z3UvO6ZfvgjMvfj249WXSb7Gl/+t/Ql0="

Signature string construction

To generate the string that is signed with a secret, the client must take the values of each HTTP header specified by headers in the order they appear.

  1. If the header name is not request-line, then append the lowercase header name followed with an ASCII colon : and an ASCII space ' '.
  2. If the header name is request-line, then append the HTTP request line (in ASCII format), otherwise append the header value.
  3. If the value is not the last value, then append an ASCII newline \n. The string must not include a trailing ASCII newline.

API tracing

You can set X-Request-ID on the request's HTTP header to trace each API call. The system echos back this header in the response.

Status and error codes

All Integral REST APIs use the following general status codes. See endpoints for specific codes.

HTTP code HTTP statusMeaning
200OKSuccessful submission.
202ACCEPTEDRequest accepted by the system. You are expected to make another API call. Refer to individual API sections and endpoints for subsequent action.
400BAD REQUESTThere is an issue with request parameters. May have a message body that indicates the error. Refer to individual API sections and endpoints for specific errors.
401UNAUTHORIZEDYour IntegralAPI user is not authorized. May have a message body that indicates the error.
404NOT FOUNDThe endpoint could not be found. Either your valid request did not return any results or your request was malformed. May have a message body that indicates the error. Refer to individual API endpoints to confirm that the endpoint URL and parameters are correct.
500INTERNAL SERVER ERRORStop trading immediately and contact Integral Business Support with a complete error message and full details of the HTTP request and response. May have a message body that indicates the error.

4xx and 5xx status codes may return a JSON response body with the message parameter.

Reason codes

You determine the status of any call with a combination of:

  • Status code from the messaging technology (for example, REST/HTTP codes 200 and 404).
  • The reason code for the server. Not all responses include a reason code.

Use the following codes to interpret and act on status responses.

Reason code Description
RequestValidationError.amountOrder size is invalid.
RequestValidationError.CoIdNotSpecifiedClient order ID not specified.
RequestValidationError.DuplicateOrderOrder already exists for the given client order ID.
RequestValidationError.TypeNotSpecifiedOrder type not specified.
RequestValidationError.TIFNotSpecifiedTime in force not specified.
RequestValidationError.SideNotSpecifiedOrder side (buy or sell) not specified.
RequestValidationError.CurrencyNotSpecifiedOrder dealt currency not specified.
RequestValidationError.InvalidDealtCcyDealt currency is neither base currency nor term currency.
RequestValidationError.SymbolNotSpecifiedSymbol not specified.
RequestValidationError.InvalidCurrencyPairSymbol not valid or not supported by the system.
RequestValidationError.SizeNotSpecifiedOrder size not specified.
RequestValidationError.InvalidOrderQtyOrder size not valid.
RequestValidationError.InvalidPriceAccepted price invalid. Zero is invalid price.
RequestValidationError.BuySellMismatchBuy/Sell side of the accepted price is incorrect.
RequestValidationError.InvalidQuoteIDThe rateId of the previously quoted (PQ) order is invalid.
RequestValidationError.LegalEntitySetIncorrectlyAccount field incorrect.
RequestValidationError.OrderTypeNotSupportedOrder type not supported.
RequestValidationError.PriceMismatchAccepted price not the same as previously quoted price.
RequestValidationError.QuoteExpiredRate associated with the rateId not found. It has expired. Price is no longer valid.
RequestValidationError.tradingDisabledTrading is disabled.
Overview
License

Integral

Languages
Servers
Mock server

https://docs.fxinside.net/_mock/openapi/integral-api-reference/rest/

https://3ac93db9-6290-458d-9482-0dc0a0e9607a.remockly.com/

Authentication API

Endpoints to login with token-based authentication.

Operations

Market data

Endpoints to get prices, indicative rates, benchmark rates, and trade ticker rates.

Operations

Orders

Place, cancel, and query orders.

Operations

Trades

Trade operations (book, query, amend, roll, allocate, cancel). Also query orders for fills.

Only brokers and sales dealers can amend, roll, and allocate by default. Customer organizations can be configured to allocate trades (work with your Integral Technical Account Manager).

Operations

RFS/RFQ

The RFS/RFQ endpoints provide API access to two trading workflows:

  • Request for Stream (RFS): a stream of firm quotes from liquidity providers against your quote request for a symbol, tenor, amount, and direction for a given price type.
  • Request for Quote (RFQ): a single quote good for a duration you request. The server must be configured to enable the RFQ workflow. Please contact your Technical Account Manager to discuss settings.

You receive responses against your RFS and RFQ requests using the Query request response API and can choose to either accept the quote, withdraw your quote request, or you can allow the your request or quote to expire.

Request for Stream (RFS) workflow:

  1. Send your request:
    • Set the symbol, tenor, amount, and buy/sell direction.
    • Set the rfq property to false.
    • Set the expiry property to the expiration time of your stream request.
  2. Query the state of your request.
  3. Do one of the following:
    • Accept the quote.
    • Withdraw your quote request.
    • Let your quote request expire.

Request for Quote (RFQ) workflow:

  1. Send your request:
    • Set the symbol, tenor, amount, and buy/sell direction.
    • Set the rfq property to true.
    • Set the expiry property to your requested duration of the quote.
  2. Query the state of your request.
  3. Do one of the following:
    • Accept the quote.
    • Withdraw your quote request.
    • Let your quote request expire.
Operations

Positions

Get open positions.

Operations

Custody

Custody operations.

Operations

STP download

Get executed trades that have not been downloaded before.

To get trades that have been previously downloaded, you must first call the Prepare trades to resend endpoint.

Operations

Reference data

Fundamental business data (such as accounts, assets, and symbols) used by multiple endpoints.

Operations

Get list of assets

Request

List of all assets with details, such as whether you can deposit or withdraw, minimum withdrawal amount, and withdrawal fee. Use the currency parameter to get details of a specific asset.

Query
currencystring<= 17 characters

Digital asset code.

Example: currency=BTC
No request payload

Responses

Array of asset details

Bodyapplication/jsonArray [
currencystring<= 17 characters

Digital asset code.

Example: "BAT"
minWithdrawAmountstring<= 32 characters

Minimum withdrawal amount of digital asset.

Example: 70
depositStatusboolean

Whether the digital asset can be deposited.

Example: true
withdrawFeenumber(int64)

Fee for withdrawing the digital asset.

Example: 35
withdrawStatusboolean

Whether the digital asset can be withdrawn.

Example: false
]
Response
application/json
[
  {
    "currency": "BAT",
    "minWithdrawAmount": 70,
    "depositStatus": true,
    "withdrawFee": 35,
    "withdrawStatus": false
  }
]