4.2. Verify and Exchange an OT Token

Method URL
POST /oauth2/onetime/authorize

Verifies an OT token and exchanges it for a long-term access token.

Request Body

Key Required? Data Type Description
code Yes string An OT token generated by the broker's backend.


Key Data Type Description
accessToken string A non-repeatable token allowing for long-term access to the trading environment. It is only returned if a user has previously clicked on the ‘Keep Me Logged In’ tick box or a similarly named alternative.
userId string The unique ID of a specific user.

Request Example

curl -X POST ‘https://brokerCrmUrl.com/cid/oauth2/onetime/authorize?token=cr56mng23454laf5545sdfdf234fs541200sdf’ -H ‘Content-Type: application/json’ -H ‘Accept: application/json’ -d ‘{"code": "16chD7xeIxc3p387Cjdcnpax2er"}’

Expected Response Status Code


Please, see the Appendix for the additional error codes that may arise when making this API call and their meanings.

Response Example

    "accessToken": "0eZXAw8GJQ55RlDcALSVi6xPDHTRCivfE9STSyBfeMxRWZAGEIe0VujpibDP",
    "userId": 10345533

Last update: February 6, 2023