API Reference

Getting Started

OpenAPI Specification

Download version 2.0.0 here, by right-clicking and choosing "Save Link As".

Authentication

Tetra Trust's API ensures the validity and identity of each API request through authentication in order to securely transfer data that belongs to your organization. The API makes use OAUTH 2.0 client credentials flow for authentication.

Begin by contacting your Tetra Account Manager to receive your client_id and client_secret. The client_id and client_secret can only be viewed once, so it is critical that you securely store this data. Do not hardcode the secret and expose it in version control or an environment where others may easily misappropriate it. Instead, a recommendation would be to store this data in a secrets management service (e.g. AWS Secrets Manager, Azure Key Vault, Hashicorp Vault, etc.) and dynamically fetch it when required.

Tokens

If you received your credentials before June 1, 2024, retrieve your access tokens using a POST request at https://auth.api.tetratrust.com/oauth2/token with the appropriate scopes.

If you received your credentials after June 1, 2024, retrieve your access tokens using a POST request at https://login.api.tetratrust.com/oauth2/token with the appropriate scopes.

See Scopes for more details.

Tokens have a lifecycle of 15 minutes before they expire.

🚧

Staking Initiation Access

By default, staking initiation is turned off. If you wish to have access, please contact your Tetra Account Manager.

Header parameters

  • Authorization is Basic Base64Encode(client_id:client_secret)
  • Content-Type must be 'application/x-www-form-urlencoded'

Body

  • grant_type must be client_credentials
  • scope is optional for any scopes you wish to restrict this token to.

API Calls

Base URL

http://api.tetratrust.com

Header parameters

  • x-api-key is your organization's client_id.
  • Authorization is your access key retrieved from the token call

Rate Limitations

There is a limit of 1440 calls per day with a burst limit of 5 and a rate limit of 1 per second. What this means is that once your client has reached its burst limit, or made 5 requests before the pool has been refilled, the rate at which the capacity is refilled is 1 call per second.

If required, please get in touch with your Account Manager to raise your organization's limits.