API Reference
The UTM API lets you programmatically submit trading signals, read account data, and integrate third-party tools.
Base URL
https://api.universaltrademanager.com/api/v1
Authentication
The API supports two authentication methods depending on your use case.
Access tokens (ADVANCED and PRO)
The single, scoped credential type for programmatic access, webhooks, and third-party tools. Include the token in the Authorization header using the Bearer scheme:
curl -H "Authorization: Bearer dt_your_token" https://api.universaltrademanager.com/api/v1/trades
The legacy X-API-Key: utm_* header still authenticates tokens issued before the unification and continues to honour the same scope checks. New tokens use the Authorization: Bearer dt_* form.
See Access tokens for details.
JWT Tokens
For the UTM web application. Obtained via POST /api/v1/auth/login and refreshed via POST /api/v1/auth/refresh. Pass in the Authorization: Bearer header.
Endpoints
The following endpoints are available to API key and connected app token holders. See Scopes for which scope each endpoint requires.
| Endpoint | Description | Scope |
|---|---|---|
GET /api/v1/trades | List trade history | trading:read |
GET /api/v1/accounts | List connected accounts | accounts:read |
GET /api/v1/positions | List current positions | trading:read |
GET /api/v1/orders | List orders and their executions | trading:read |
GET /api/v1/strategies | List strategies | trading:read |
GET /api/v1/signals | List signals | trading:read |
GET /api/v1/dashboard/summary | Aggregated portfolio summary | trading:read |
GET /api/v1/dashboard/balance-history | Daily equity snapshots for charting | trading:read |
GET /api/v1/dashboard/account-performance | Per-account performance metrics | trading:read |
POST /api/v1/signals | Submit a trading signal | signals:write |
DELETE /api/v1/signals/:id | Cancel a queued or scheduled signal | signals:write |
Standard Response Format
All responses include a requestId for support and debugging.
Success:
{
"data": { ... },
"requestId": "req_abc123"
}
Error:
{
"error": "Validation failed",
"code": "VALIDATION_ERROR",
"details": [...],
"requestId": "req_abc123"
}
Rate Limits
| Auth method | Limit |
|---|---|
| Access token | 200 requests per minute |
| JWT (web app) | 200 requests per minute |
See Rate Limits for full details.
Errors
See Error Codes for a complete list of error responses.