Skip to main content

Endpoint API

The Endpoint® API is organized around REST. Our API has predictable resource-oriented URLs, accepts JSON-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

Base URL

The base url of the API is available at


A sandbox environment has been provided to allow developers to test integrations with our API. All calls to the sandbox environment return mock responses and do not have any side effects. The sandbox can be found at


All requests to the API must be authenticated in order to protect sensitive data. To authenticate with the Endpoint® API you must have been provided a Partner Id and at least 1 API Key. Once you have obtained a Partner ID and an API Key you can use these to Post to our authenticate endpoint and obtain a JSON Web Token (or JWT for short). You can then use the JSON Web Token to interact our other endpoints.

API Keys

After signing up for our service you will be provided with at least one API Key. Partners are not limited to one API Key: in fact we encourage the use of multiple keys specifically because our API Keys are scoped. Scoped API Keys provide fine-grained permission levels for different resources. For example, an API Key might be scoped to allow read transactions while another might be scoped to allow both read and create transactions. Scoped API Keys remove single points of failure, make it easy to edit and delete keys without affecting others in your organization, and make your data more secure. Feel free to request specifically scoped API Keys whenever you need. The default scope of an API Key is Write Permission on Transactions.

ResourcePermissionAvailable Endpoints
Track Transaction StatusReadGet Transaction Status, List Transactions
Open OrderWriteCreate Purchase, Create Refinance, Create Prelisting
Exchange DocumentsReadList Documents, Download Document
Exchange DocumentsWriteUpload Document

JSON Web Token

The Endpoint® API uses a JSON Web Token authentication scheme. Instead of including Partner ID and API Key in all requests, the Authenticate endpoint will provide you with a JSON Web Token that you can place in your header to authenticate yourself.

Obtaining a JSON Web Token

To obtain a JSON Web Token first POST to the Authenticate endpoint, with a Partner Id and API Key that has been provided to you from the team at Endpoint. On a successful Post the response will include a body with an accessToken. The value of the access token is your JSON Web Token. That token is valid for 1 hour; meaning you can use the provided JSON Web Token to hit any endpoint for up to 1 hour after you have accessed it. Once the hour is up, you will need to Post to the Authenticate endpoint again to obtain a new JWT. Using an expired JSON Web Token will result in an unauthorized response.

Using a JSON Web Token

Authenticating with the obtained JSON Web Token is easy: simply include the token in the Authorization header of your request. The header must be in the following format: Authorization: Bearer ${JSON Web Token}.

For example: if the obtained jwt is xxxjsonwebtokenxxx then it would appear in an HTTP header as shown below.

Authorization: Bearer xxxjsonwebtokenxxx


All requests must pass an API version at the start of the URL path. The URL path must be in the following format: /{API version}/path

For example: if the version requested is v1 then it would appear in an URL as show below.

NOTE: only v1 is currently available


The Endpoint® API uses API throttling to ensure the efficiency, performance, and security of our APIs. The Endpoint® API throttles requests on a per Partner basis. It allows 1000 GET requests an hour and 10 POST requests a minute. After reaching the limit, the Endpoint® API will respond with a 429 status code specifying the Partner has reached the throttling limit. The header of the response will specify in seconds how long to wait to retry in the Retry-After field.

API Endpoints

The Endpoint® API supports the following endpoints:

AuthenticateAuthenticates user and returns a JWT to include in further requests
Open OrderCreate PurchaseOpens a purchase order from the convenience of your platform.
Open OrderCreate RefinanceOpens a refinance order with Endpoint.
Open OrderCreate PrelistingOpens a prelisting order with Endpoint.
Open OrderConvert Prelisting to PurchaseOpens a prelisting order with Endpoint.
Open OrderCreate EquityOpens an equity order with Endpoint.
Track Transaction StatusGet Transaction StatusReturns the current status of milestones for a specified transaction.
Track Transaction StatusList TransactionsReturns a partner's list of transactions.
Exchange DocumentsList DocumentsReturns a list of documents pertaining to a transaction
Exchange DocumentsUpload DocumentUploads a document to a transaction
Exchange DocuemtnsDownload DocumentDownloads a requested document from a transaction


Webhooks can be registered to send real-time data from the Endpoint application whenever an event occurs. See Webhook Intro for more information about these notifications.