What is the correct auth flow to place orders?

The API docs and examples aren’t helpful at all.

what are the auth flows to place orders on live and demo accounts?

  • get access token

URL: {{URL}}/auth/accesstokenrequest

    "name": "{{ACCOUNT_SPEC}}",
    "password": "{{ACCOUNT_PASSWORD}}",
    "appId": "Algo Trading",
    "appVersion": "0.0.1",
    "cid": "{{ACCOUNT_CID}}",
    "sec": "{{ACCOUNT_SEC}}"

this will return the access token at either of the live or demo endpoints no problem.

  • get account id

URL: {{URL}}/account/list

this will return different data depending on which endpoint.


        "id": 3xxx,
        "name": "1xxx",
        "userId": 39xxx,
        "accountType": "Customer",


        "id": 1xxx,
        "name": "DEMO3xxx-2",
        "userId": 39xxx,
        "accountType": "Customer",
  • placing order

URL: {{URL}}/order/placeorder

    "accountSpec": "{{ACCOUNT_SPEC}}",
    "accountId": {{ACCOUNT_ID}},
    "action": "Buy",
    "symbol": "MCLX2",
    "orderQty": 1,
    "orderType": "Limit",
    "price": 88.00,
    "timeInForce": "Day",
    "isAutomated": true

now, for live this works well using the name field from the accesstokenrequest endpoint.
and using the id field from the account list endpoint.

but when you try to use the demo endpoint with the demo values you get Access is denied error message.