4.1. Authenticate the cTrader Backend

Method URL
POST /oauth2/crmApiToken

Authenticates all subsequent requests made by the cTrader backend area by exchanging a pre-generated valid password into an access token. This token should be valid for at least a week; its expiration period can be increased at the broker’s discretion.

Request Body

Key Required? Data Type Description
password Yes string The password generated by the cTrader backend.


Key Data Type Description
crmApiToken string A non-repeatable token authenticating the cTrader back office. After its issuance, it is placed in the memory storage of the cTrader backend.

Request Example

curl -X POST ‘https://brokerCrmUrl.com/cid/oauth2/crmApiToken’ -H ‘Content-Type: application/json’ -H ‘Accept: application/json’ -d ‘{"password": "af34mn0pphg2893nmaf26hmy"}’

Expected Response Status Code



    "crmApiToken": "cr56mng23454laf5545sdfdf234fs541200sdf"

Last update: February 6, 2023