Authentication
In order to authenticate use following endpoint, passing your Volven/TYR Markets user name (which is your email) and password:
POST /httpserver/main/v2/auth/login
{
"username": "<email>",
"password": "<password>"
}If you have 2FA enabled you will get following response:
200 OK
{
"awsUsername": "9205eec4-8b36-48a4-aa6c-a73e8ce01684",
"session": "AYABeK9med7n...Z7oBVQAjVJEZ0k",
"challengeName": "SOFTWARE_TOKEN_MFA",
"status": "CHALLENGE_REQUIRED"
}In that case you have to provide OTP (one time password) from your configured authenticator app.
Send it in challengeAnswer field along with awsUsername and session from previous authentication response:
POST /httpserver/main/v2/auth/login
{
"awsUsername": "9205eec4-8b36-48a4-aa6c-a73e8ce01684",
"session": "AYABeK9med7n...Z7oBVQAjVJEZ0k",
"challengeName": "SOFTWARE_TOKEN_MFA",
"status": "CHALLENGE_REQUIRED",
"challengeAnswer": "898165"
}Once you are successfully authenticated (with or without 2FA enabled) you will get following response:
200 OK
Authorization: Bearer eyJraWQiOiJWQmd...8yeUJmCX2JXxyJBzHA
{
"refreshToken": "eyJjdHkiOiJKV1Qi...ULGaonedpIyv86GNpg",
"expirationTime": 3600,
"isAppConnected": false
}Now you need to use the token received in Authorization header from the response above to authorize all business API request. You simply pass this token in Authorization header when performing every HTTP request or initiating WebSocket connection.
The token is valid for expirationTime number of seconds, which in this case is 1 hour. If you want to use API in continuous manner but authorize only once then use refreshToken from the response above. Perform following call periodically before your session expires (for instance 5 minutes before expiration time):
POST /httpserver/main/v2/auth/login
{
"refreshToken": "eyJjdHkiOiJKV1Qi...ULGaonedpIyv86GNpg"
}You should receive following response meaning that your session has been prolonged and will expire at expirationTime (Unix timestamp):
200 OK
{
"expirationTime": 1758546865
}Last updated
Was this helpful?