Authentication
The Market Data API uses a Bearer Token for authentication. The token is a programmatic representation of your username and password credentials, so you must keep it secret just as you would your username and password. The token is required for each request you make to the API.
Obtaining a Token
To obtain it, sign-in to your customer dashboard using your username and password and request a token. It will be delivered by email to the address you used to sign-in.
Using the Token
There are two ways to pass this token to the API with your requests:
- Header Authentication
- URL Parameter Authentication
We recommend using header-based authentication to ensure your token is not stored or cached. While Market Data makes a conscientious effort to delete tokens from our own server logs, we cannot guarantee that your token will not be stored by any of our third party cloud infrastructure partners.
Header Authentication
Add the token to the Authorization header using the word Bearer.
Code Examples
- HTTP
- Node.js
- Python
- Go
GET /v1/stocks/quotes/SPY/ HTTP/1.1
Host: api.marketdata.app
Accept: application/json
Authorization: Bearer {token}
The curly braces around token are a placeholder for this example. Do not actually wrap your token with curly braces.
const https = require('https');
// Your token
const token = 'your_token_here';
// The API endpoint for retrieving stock quotes for SPY
const url = 'https://api.marketdata.app/v1/stocks/quotes/SPY/';
// Making the GET request to the API
https.get(url, {
headers: {
'Accept': 'application/json',
'Authorization': `Bearer ${token}`
}
}, (response) => {
let data = '';
// A chunk of data has been received.
response.on('data', (chunk) => {
data += chunk;
});
// The whole response has been received. Print out the result.
response.on('end', () => {
if (response.statusCode === 200 || response.statusCode === 203) {
console.log(JSON.parse(data));
} else {
console.log(`Failed to retrieve data: ${response.statusCode}`);
}
});
}).on("error", (err) => {
console.log("Error: " + err.message);
});
from marketdata import MarketDataClient
# Initialize the client (token is read from MARKETDATA_TOKEN environment variable)
# Or pass it directly: client = MarketDataClient(token="your_token_here")
client = MarketDataClient()
# Get stock quotes for SPY
quotes = client.stocks.quotes("SPY")
print(quotes)
For more information about using the Python SDK, see our Python SDK documentation and authentication guide.
// Import the Market Data SDK
import api "github.com/MarketDataApp/sdk-go"
func main() {
// Create a new Market Data client instance
marketDataClient := api.New()
// Set the token for authentication
// Replace "your_token_here" with your actual token
marketDataClient.Token("your_token_here")
// Now the client is ready to make authenticated requests to the Market Data API
// Use the client to create a StockQuoteRequest
sqr, err := api.StockQuote(marketDataClient).Symbol("SPY").Get()
if err != nil {
fmt.Println("Error fetching stock quotes:", err)
return
}
// Process the retrieved quote
for _, quote := range quotes {
fmt.Printf(quote)
}
}
URL Parameter Authentication
Add the token as a variable directly in the URL using the format token=YOUR_TOKEN_HERE. For example:
https://api.marketdata.app/v1/stocks/quotes/SPY/?token={token}
The curly braces around token are a placeholder for this example. Do not actually wrap your token with curly braces.
Demo The API With No Authentication
You can try stock, option, and index endpoints with several different symbols that are unlocked and do not require a token. Please be aware that only historical data for these tickers is available without a token.
- Try any stock endpoint with AAPL, no token required.
- Try any option endpoint with any AAPL contract, for example: AAPL271217C00250000. No token required.
IP Address Restrictions
Each account may only connect from one IP address at a time. You can switch devices, but you cannot use two devices simultaneously. Back-and-forth switching between IP addresses within a 5-minute window triggers a temporary block.
See the Single IP Address Policy for full details, or 403: Multiple IP Addresses if your account is blocked.