Skip to content
API Reference/
/
Get signing keys

Upvest Investment API (1.86.0)

Upvest Investment API.

Download OpenAPI description
api.json
api.yaml
Overview
URL
https://docs.upvest.co
Upvest API Support
api@upvest.co
License
Apache 2.0
Languages
Servers
Sandbox environment
https://sandbox.upvest.co
Live environment
https://api.upvest.co

Access Tokens

All authentication related paths.

Operations

Users

All user related paths.

Operations
Webhooks

User Identifiers

All user identifiers related paths.

Operations

User Checks

All user checks related paths.

Operations
Webhooks

Accounts

All accounts related paths

Operations
Webhooks

Account Groups

All account groups related paths

Operations
Webhooks

Tax Residencies

All tax residencies related paths.

Operations

Corporate Actions

All Corporate Action related paths.

Webhooks

Tax Wrappers

All tax wrappers related paths

Operations
Webhooks

Tax Exemptions

All tax exemptions related paths

Operations
Webhooks

Tax Collections

All tax collections related paths

Webhooks

Instruments

All instrument related paths.

Operations
Webhooks

Price Data

All price data related paths.

Operations

Orders

All order related paths.

Operations
Webhooks

Portfolios

All portfolios related paths.

Operations

Portfolios Rebalancing

All portfolios rebalancing related paths.

Operations
Webhooks

Savings Plans

All savings plans related paths.

Operations
Webhooks

Liquidations

All accounts liquidations related paths.

Operations
Webhooks

Direct Debits

All direct debits related paths

Operations
Webhooks

Top-ups

All top-ups related paths

Operations
Webhooks

Withdrawals

All withdrawals related paths

Operations
Webhooks

Reference Accounts

All reference account related paths

Operations

Mandates

All direct debit mandates related paths

Operations

Virtual Bank Accounts

All virtual bank accounts related paths

Operations
Webhooks

Credit Fundings

All credit fundings related paths

Operations
Webhooks

Cash Balances

All cash balance related paths

Operations
Webhooks

Positions

All positions related paths.

Operations
Webhooks

Valuations

All valuations related paths.

Operations
Webhooks

Returns

All accounts returns related paths.

Operations
Webhooks

Virtual Cash Balances

All virtual cash balances related paths

Operations
Webhooks

Fees

All fees related paths.

Operations
Webhooks

Fees Configurations

All fees configurations related paths.

Operations

Reports

All reports related paths.

Operations
Webhooks

Treasury Reports

All treasury reports related paths.

Webhooks

Transactions

All transactions related paths.

Operations
Webhooks

Files

All files API related paths.

Operations

Account Transfers

All Accounts Transfers related paths.

Operations
Webhooks

Securities Transfers

All Securities Transfers related paths.

Operations
Webhooks

Webhook Subscriptions

All webhook subscriptions related paths.

Operations

Get signing keys

Request

Returns a list of signing keys used to verify webhooks.

Security
oauth-client-credentials(Required scopes:
webhooks:read
webhooks:admin
)
Headers
upvest-client-idstring(uuid)required

Tenant Client ID

Example: 363f3305-7ab0-4e82-a158-f9d382ad08b6
Authorizationstring^Bearer [a-zA-Z0-9\-\._~+/]*=*required

Bearer (access) token from the OAuth flow with correct scopes. https://datatracker.ietf.org/doc/html/rfc6750

Example: Bearer c2VjcmV0Cg==
signaturestringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-http-header

signature-inputstringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-input-http-he

upvest-api-versionstring

Upvest API version (Note: Do not include quotation marks)

Default 1
Value"1"
Example: 1
curl -i -X GET \
  https://sandbox.upvest.co/auth/verify_keys \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'signature: string' \
  -H 'signature-input: string' \
  -H 'upvest-api-version: 1' \
  -H 'upvest-client-id: 363f3305-7ab0-4e82-a158-f9d382ad08b6'

Responses

JWKS signing public keys

Headers
upvest-request-idstring(uuid)required
Example: "169ae4c7-ebd7-4041-94da-25369653eba7"
Bodyapplication/json
keysArray of objectsrequired

List of verification keys

kidstring(uuid)

Key ID

ktystring

Cryptographic algorithm family used with the key.

  • EC -
Default "EC"
Value"EC"
crvstring

Elliptic curve family.

  • P-521 -
Default "P-521"
Value"P-521"
xstring

Curve parameter

ystring

Curve parameter

Response
application/json
{
  "keys": [
    { … }
  ]
}

List all webhook subscriptions

Request

Returns a list of all webhook subscriptions.

Security
oauth-client-credentials(Required scopes:
webhooks:read
webhooks:admin
)
Query
sortstring

Sort the result by created_at, updated_at, title, url, or enabled.

Default "created_at"
Enum"created_at""updated_at""title""url""enabled"
orderstring

Sort order of the result list if the sort parameter is specified. Use ASC for ascending or DESC for descending sort order.

Default "ASC"
Enum"ASC""DESC"
offsetinteger(int32)>= 0

Use the offset argument to specify where in the list of results to start when returning items for a particular query.

limitinteger(int32)[ 1 .. 1000 ]

Use the limit argument to specify the maximum number of items returned.

Default 100
Headers
upvest-client-idstring(uuid)required

Tenant Client ID

Example: 363f3305-7ab0-4e82-a158-f9d382ad08b6
Authorizationstring^Bearer [a-zA-Z0-9\-\._~+/]*=*required

Bearer (access) token from the OAuth flow with correct scopes. https://datatracker.ietf.org/doc/html/rfc6750

Example: Bearer c2VjcmV0Cg==
signaturestringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-http-header

signature-inputstringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-input-http-he

upvest-api-versionstring

Upvest API version (Note: Do not include quotation marks)

Default 1
Value"1"
Example: 1
curl -i -X GET \
  'https://sandbox.upvest.co/webhooks?sort=created_at&order=ASC&offset=0&limit=100' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'signature: string' \
  -H 'signature-input: string' \
  -H 'upvest-api-version: 1' \
  -H 'upvest-client-id: 363f3305-7ab0-4e82-a158-f9d382ad08b6'

Responses

An object with a data property that contains an array of webhook subscription objects.

Headers
upvest-request-idstring(uuid)required
Example: "169ae4c7-ebd7-4041-94da-25369653eba7"
Bodyapplication/json
metaobjectrequired
offsetintegerrequired

Amount of resource to offset in the response.

limitintegerrequired

Total limit of the response.

countintegerrequired

Count of the resources returned in the response.

total_countintegerrequired

Total count of all the resources.

sortstring

The field that the list is sorted by.

orderstring

The ordering of the response.

  • ASC - Ascending order
  • DESC - Descending order
Enum"ASC""DESC"
dataArray of objectsrequired
idstring(uuid)required

Webhook unique identifier.

created_atstring(date-time)required

Date and time when the resource was created. RFC 3339-5, ISO8601 UTC

updated_atstring(date-time)required

Date and time when the resource was last updated. RFC 3339-5, ISO8601 UTC

titlestring^[a-zA-Z0-9 ()\[\]{}.-]{1,32}$required

Title of the webhook for use on tenant side.

urlstring(url)<= 1000 charactersrequired

The callback URL to be called by the webhook.

enabledbooleanrequired

Enable/disable webhook.

typeArray of stringsrequired

What kind of events to be sent by the webhook.

Default ["ALL"]
Items Enum"ALL""USER""USER_CHECK""ORDER""ORDER_CANCELLATION""EXECUTION""POSITION""CASH_BALANCE""ACCOUNT""ACCOUNT_GROUP"
configobjectrequired

Configuration of webhook packages collection.

delaystring^([1-9]|[12][0-9]|30)s$

Maximum time of package collection (1s-30s).

max_package_sizeinteger[ 100 .. 1048576 ]

Maximum package size (bytes)

Response
application/json
{
  "meta": {
    "offset": 0,
    "limit": 100,
    "count": 1,
    "total_count": 1,
    "sort": "id",
    "order": "ASC"
  },
  "data": [
    { … }
  ]
}

Create a webhook subscription

Request

Creates a webhook subscription.

Security
oauth-client-credentials(Required scopes:
webhooks:admin
)
Headers
upvest-client-idstring(uuid)required

Tenant Client ID

Example: 363f3305-7ab0-4e82-a158-f9d382ad08b6
Authorizationstring^Bearer [a-zA-Z0-9\-\._~+/]*=*required

Bearer (access) token from the OAuth flow with correct scopes. https://datatracker.ietf.org/doc/html/rfc6750

Example: Bearer c2VjcmV0Cg==
signaturestringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-http-header

signature-inputstringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-input-http-he

upvest-api-versionstring

Upvest API version (Note: Do not include quotation marks)

Default 1
Value"1"
Example: 1
Bodyapplication/json
titlestring^[a-zA-Z0-9 ()\[\]{}.-]{1,32}$required

Title of the webhook for use on tenant side.

urlstring(url)<= 1000 charactersrequired

The callback URL to be called by the webhook.

typeArray of strings

What kind of events to be sent by the webhook.

Default ["ALL"]
Items Enum"ALL""USER""USER_CHECK""ORDER""ORDER_CANCELLATION""EXECUTION""POSITION""CASH_BALANCE""ACCOUNT""ACCOUNT_GROUP"
configobject

Configuration of webhook packages collection.

curl -i -X POST \
  https://sandbox.upvest.co/webhooks \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'signature: string' \
  -H 'signature-input: string' \
  -H 'upvest-api-version: 1' \
  -H 'upvest-client-id: 363f3305-7ab0-4e82-a158-f9d382ad08b6' \
  -d '{
    "title": "User webhook",
    "url": "https://tenant.tld/webhooks/users",
    "type": [
      "USER"
    ],
    "config": {
      "delay": "1s",
      "max_package_size": 51200
    }
  }'

Responses

Returns a webhook subscription object if a valid webhook subscription object ID was provided.

Headers
upvest-request-idstring(uuid)required
Example: "169ae4c7-ebd7-4041-94da-25369653eba7"
Bodyapplication/json
idstring(uuid)required

Webhook unique identifier.

created_atstring(date-time)required

Date and time when the resource was created. RFC 3339-5, ISO8601 UTC

updated_atstring(date-time)required

Date and time when the resource was last updated. RFC 3339-5, ISO8601 UTC

titlestring^[a-zA-Z0-9 ()\[\]{}.-]{1,32}$required

Title of the webhook for use on tenant side.

urlstring(url)<= 1000 charactersrequired

The callback URL to be called by the webhook.

enabledbooleanrequired

Enable/disable webhook.

typeArray of stringsrequired

What kind of events to be sent by the webhook.

Default ["ALL"]
Items Enum"ALL""USER""USER_CHECK""ORDER""ORDER_CANCELLATION""EXECUTION""POSITION""CASH_BALANCE""ACCOUNT""ACCOUNT_GROUP"
configobjectrequired

Configuration of webhook packages collection.

delaystring^([1-9]|[12][0-9]|30)s$

Maximum time of package collection (1s-30s).

max_package_sizeinteger[ 100 .. 1048576 ]

Maximum package size (bytes)

Response
application/json
{
  "id": "a8eb3540-5a84-40f9-b2bb-7f99f282fc5a",
  "created_at": "2021-07-21T14:10:00.00Z",
  "updated_at": "2021-07-21T14:10:00.00Z",
  "title": "User webhook",
  "url": "https://tenant.tld/webhooks/users",
  "type": [
    "USER"
  ],
  "enabled": false,
  "config": {
    "delay": "5s",
    "max_package_size": 10240
  }
}

Tests

All test related paths.

Operations