Skip to main content
GET
/
api
/
v1
/
sub-accounts
/
etoro-trading
/
user-tokens
/
scopes
Get Allowed Sub-Account Token Scopes
curl --request GET \
  --url https://public-api.etoro.com/api/v1/sub-accounts/etoro-trading/user-tokens/scopes \
  --header 'Authorization: Bearer <token>' \
  --header 'x-api-key: <x-api-key>' \
  --header 'x-request-id: <x-request-id>' \
  --header 'x-user-key: <x-user-key>'
{
  "scopes": [
    {
      "name": "etoro-public:trade.real:read"
    },
    {
      "name": "etoro-public:trade.real:write"
    }
  ]
}

Authorizations

Authorization
string
header
required

eToro OAuth2. Each operation lists the scopes that grant access as separate security requirements (OpenAPI OR semantics): the caller's token only needs ONE of them — you do NOT need all of them. The same scopes back the x-api-key/x-user-key credential pair.

Headers

x-request-id
string<uuid>
required

A unique request identifier.

Example:

"c2ad25f3-2fe1-4382-8132-754a9c0f3e07"

x-api-key
string<password>
required

API key for authentication.

Example:

"lhgfaslk21490FAScVPkdsb53F9dNkfHG4faZSG5vfjndfcfgdssdgsdHF4663"

x-user-key
string<password>
required

User-specific authentication key.

Example:

"eyJlYW4iOiJVbnJlZ2lzdGVyZWRBcHBsaWNhdGlvbiIsImVrIjoiOE5sZ2cwcW5EUVdROUFNWGpXT2lmOWktZnpidG5KcUlqWGJ3WHJZZkpZcldrbG90ZEhvLVBjSWhQaU8xU1ZtMW84aU1WZGZqN2xWNzFjLXFxLmcybXE1dnh4Q1hUT25xaWRUaTFlcEhmVk1fIn0_"

Response

Allowed scopes retrieved successfully

scopes
object[]

The scope names that may be assigned to sub-account user tokens.

Example:
[
  { "name": "etoro-public:trade.real:read" },
  { "name": "etoro-public:trade.real:write" }
]