Skip to main content
POST
/
api
/
v1
/
agent-portfolios
/
{agentPortfolioId}
/
user-tokens
Create User Token
curl --request POST \
  --url https://public-api.etoro.com/api/v1/agent-portfolios/{agentPortfolioId}/user-tokens \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <x-api-key>' \
  --header 'x-request-id: <x-request-id>' \
  --header 'x-user-key: <x-user-key>' \
  --data '
{
  "userTokenName": "my-trading-token",
  "scopeIds": [
    211,
    212
  ],
  "scopeNames": [
    "etoro-public:trade.real:read",
    "etoro-public:trade.real:write"
  ],
  "ipsWhitelist": [
    "192.168.1.1"
  ],
  "expiresAt": "2026-12-31T23:59:59Z"
}
'
{
  "userTokenId": "f9e8d7c6-b5a4-3210-fedc-ba9876543210",
  "userToken": "sk_live_a1b2c3d4e5f6...",
  "userTokenName": "my-trading-token",
  "clientId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "ipsWhitelist": [
    "192.168.1.1"
  ],
  "scopeNames": [
    "etoro-public:trade.real:read"
  ],
  "expiresAt": "2026-12-31T23:59:59Z",
  "createdAt": "2026-03-06T12:00:00Z"
}

Headers

x-request-id
string<uuid>
required

A unique request identifier.

Example:

"c267d233-e0c3-4a8a-bc6b-d17b941ff6da"

x-api-key
string<password>
required

API key for authentication.

Example:

"lhgfaslk21490FAScVPkdsb53F9dNkfHG4faZSG5vfjndfcfgdssdgsdHF4663"

x-user-key
string<password>
required

User-specific authentication key.

Example:

"eyJlYW4iOiJVbnJlZ2lzdGVyZWRBcHBsaWNhdGlvbiIsImVrIjoiOE5sZ2cwcW5EUVdROUFNWGpXT2lmOWktZnpidG5KcUlqWGJ3WHJZZkpZcldrbG90ZEhvLVBjSWhQaU8xU1ZtMW84aU1WZGZqN2xWNzFjLXFxLmcybXE1dnh4Q1hUT25xaWRUaTFlcEhmVk1fIn0_"

Path Parameters

agentPortfolioId
string<uuid>
required

The unique identifier of the agent-portfolio.

Body

application/json
userTokenName
string
required

A human-readable name to identify the user token.

Example:

"my-trading-token"

scopeIds
integer[]
deprecated

[DEPRECATED — use scopeNames instead] The set of permission scope identifiers to grant to this token. Available scopes: 200 = etoro-public:real:read, 201 = etoro-public:demo:read, 202 = etoro-public:real:write, 203 = etoro-public:demo:write.

Example:
[211, 212]
scopeNames
string[]

The set of permission scope names (preferred; replaces the deprecated scopeIds). Provide either scopeNames or scopeIds. Available scopes: etoro-public:real:read, etoro-public:demo:read, etoro-public:real:write, etoro-public:demo:write.

Example:
[
  "etoro-public:trade.real:read",
  "etoro-public:trade.real:write"
]
ipsWhitelist
string[]

An optional set of IPv4 addresses allowed to use this token.

Example:
["192.168.1.1"]
expiresAt
string<date-time>

An optional expiration date and time for the token in UTC.

Example:

"2026-12-31T23:59:59Z"

Response

User token created successfully

userTokenId
string<uuid>

The unique identifier of the newly created user token.

Example:

"f9e8d7c6-b5a4-3210-fedc-ba9876543210"

userToken
string

The generated user token secret. Only available at creation time.

Example:

"sk_live_a1b2c3d4e5f6..."

userTokenName
string

The display name of the user token.

Example:

"my-trading-token"

clientId
string<uuid>

The client identifier of the application the token is associated with.

Example:

"3fa85f64-5717-4562-b3fc-2c963f66afa6"

ipsWhitelist
string[]

The IPv4 addresses from which the token is allowed to be used. Null or empty when unrestricted.

Example:
["192.168.1.1"]
scopeNames
string[]

The authorized scope names granted to the token.

Example:
["etoro-public:trade.real:read"]
expiresAt
string<date-time> | null

The UTC expiration date of the token. Null when the token does not expire.

Example:

"2026-12-31T23:59:59Z"

createdAt
string<date-time>

The UTC timestamp at which the token was created.

Example:

"2026-03-06T12:00:00Z"