The family of cloud based products use OpenID and OAuth protocols to authenticate users using Single Sign On feature. 

Different kind of clients use different approaches, for example web site itself uses OpenID, when WebAPI uses OAuth.

To authenticate within IdentityServer from your application you need to follow the routine below.

This will be using the Client Credentials flow so our request will look like this:

Headers: Content-Type: application/x-www-form-urlencoded
Body: grant_type=client_credentials&scope=webapi&client_id=[ClientId]&client_secret=[ClientPassword]

replace [ClientId] and [ClientPassword] with your your own client id and password which can be obtained through registering new API client at Admin portal → Clients section (

Once you successfully authenticate you will get access token which can be used further.

"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjE0M2U4MjljMmI1NzQ4OTk2OTc1M2JhNGY4MjA1OTc5ZGYwZGE5ODhjNjQwY2ZmYTVmMWY0ZWRhMWI2ZTZhYTQiLCJ0eXAiOiJKV1QifQ......"
"expires_in": 3600,
"token_type": "Bearer"

WebAPI has two different features: RESTful and WebSockets general infromation, each one has its own way to pass this token within each call to maintain authorization between calls.

Very basic things you can do is to request:

Organizations you are participated to:

Available TradePlatforms list:

And check connection to any of your trade platform:

  • No labels