Skip to main content
GET
/
api
/
v1
/
sub-accounts
/
etoro-trading
/
user-tokens
List Sub-Account User Tokens
curl --request GET \
  --url https://public-api.etoro.com/api/v1/sub-accounts/etoro-trading/user-tokens \
  --header 'Authorization: Bearer <token>' \
  --header 'x-api-key: <x-api-key>' \
  --header 'x-request-id: <x-request-id>' \
  --header 'x-user-key: <x-user-key>'
{
  "userTokens": [
    {
      "userTokenId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
      "userTokenName": "my-trading-bot",
      "clientId": "7c9e6679-7425-40de-944b-e07fc1f90ae7",
      "ipsWhitelist": [
        "192.168.1.1"
      ],
      "scopes": [
        {
          "name": "etoro-public:trade.real:read"
        }
      ],
      "expiresAt": "2026-12-31T23:59:59Z",
      "createdAt": "2026-06-06T10:15:00Z"
    }
  ]
}

Authorizations

Authorization
string
header
required

eToro OAuth2. Each operation lists the scopes that grant access as separate security requirements (OpenAPI OR semantics): the caller's token only needs ONE of them — you do NOT need all of them. The same scopes back the x-api-key/x-user-key credential pair.

Headers

x-request-id
string<uuid>
required

A unique request identifier.

Example:

"01fa4789-f430-44b0-b9b8-f2c346398015"

x-api-key
string<password>
required

API key for authentication.

Example:

"lhgfaslk21490FAScVPkdsb53F9dNkfHG4faZSG5vfjndfcfgdssdgsdHF4663"

x-user-key
string<password>
required

User-specific authentication key.

Example:

"eyJlYW4iOiJVbnJlZ2lzdGVyZWRBcHBsaWNhdGlvbiIsImVrIjoiOE5sZ2cwcW5EUVdROUFNWGpXT2lmOWktZnpidG5KcUlqWGJ3WHJZZkpZcldrbG90ZEhvLVBjSWhQaU8xU1ZtMW84aU1WZGZqN2xWNzFjLXFxLmcybXE1dnh4Q1hUT25xaWRUaTFlcEhmVk1fIn0_"

Response

User tokens retrieved successfully

userTokens
object[]

The user's sub-account user tokens, across all their eToro trading sub-accounts.