Skip to main content
DELETE
/
api
/
v1
/
sub-accounts
/
etoro-trading
/
user-tokens
/
{userTokenId}
Revoke Sub-Account User Token
curl --request DELETE \
  --url https://public-api.etoro.com/api/v1/sub-accounts/etoro-trading/user-tokens/{userTokenId} \
  --header 'Authorization: Bearer <token>' \
  --header 'x-api-key: <x-api-key>' \
  --header 'x-request-id: <x-request-id>' \
  --header 'x-sub-account-id: <x-sub-account-id>' \
  --header 'x-user-key: <x-user-key>'
{
  "errorCode": "InvalidSubAccountId",
  "errorMessage": "Invalid Sub Account Id"
}

Authorizations

Authorization
string
header
required

eToro OAuth2. Each operation lists the scopes that grant access as separate security requirements (OpenAPI OR semantics): the caller's token only needs ONE of them — you do NOT need all of them. The same scopes back the x-api-key/x-user-key credential pair.

Headers

x-request-id
string<uuid>
required

A unique request identifier.

Example:

"845b11ef-5ebc-4604-8264-abd602c8c86a"

x-api-key
string<password>
required

API key for authentication.

Example:

"lhgfaslk21490FAScVPkdsb53F9dNkfHG4faZSG5vfjndfcfgdssdgsdHF4663"

x-user-key
string<password>
required

User-specific authentication key.

Example:

"eyJlYW4iOiJVbnJlZ2lzdGVyZWRBcHBsaWNhdGlvbiIsImVrIjoiOE5sZ2cwcW5EUVdROUFNWGpXT2lmOWktZnpidG5KcUlqWGJ3WHJZZkpZcldrbG90ZEhvLVBjSWhQaU8xU1ZtMW84aU1WZGZqN2xWNzFjLXFxLmcybXE1dnh4Q1hUT25xaWRUaTFlcEhmVk1fIn0_"

x-sub-account-id
string
required

The encrypted sub-account identifier. The backend validates that it decrypts to a sub-account owned by the caller's token gcid.

Path Parameters

userTokenId
string<uuid>
required

The unique identifier of the user token to revoke.

Response

User token revoked successfully (also returned when the token did not exist)