Region: EU
Documentation

Getting Started with Broker API

This guide is going to help you set everything up in a sandbox environment to get you up and running with Broker API.

Getting Started Guide

This getting started guide will introduce you to our APIs and provide step-by-step instructions from authenticating to placing an order. All the steps below assume that you have already been set up as a correspondent (a broker partner) and can therefore access our dashboard, Brokerdash. It is also assumed that you are a fully-disclosed broker-dealer with a broker-dealer license in your local jurisdiction.

The sandbox environment acts as a parallel environment where you can test our APIs safely without sending any real trades to the market. All prices and execution times (i.e. market hours) hold true in sandbox and production.

Keep in mind that the steps provided below use our sandbox environment, but you can access our other environments as follows:

  • Live / Production
    • Auth: https://authx.eu.alpaca.markets
    • Broker API: https://broker-api.eu.alpaca.markets
  • Sandbox
    • Auth: https://authx.sandbox.eu.alpaca.markets
    • Broker API: https://broker-api.sandbox.eu.alpaca.markets

Setting up

Before making any API requests, you will need to get an API key and API secret using Brokerdash. You can generate them by following these steps:

  1. Log into Brokerdash in sandbox
  2. Navigate to the 'API/Devs' page
  3. Press 'Generate an API Key'

You can choose which type of credentials you wish to use, but for the purposes of this guide, we will be using the client credentials flow using the client secret.

Authentication

Prior to accessing the Broker API, you will need to use the credentials you generated in the previous step to authenticate.

To authenticate, you must send a HTTP POST with form url-encoded data to our authentication endpoint. Below is an example of how this is achieved using curl:

curl -X POST "https://authx.sandbox.eu.alpaca.markets/v1/oauth2/token" \
     -H "Content-Type: application/x-www-form-urlencoded" \
     -d "grant_type=client_credentials" \
     -d "client_id={YOUR_CLIENT_ID}" \
     -d "client_secret={YOUR_CLIENT_SECRET}"

The response will contain a token you can then use to acess our APIs, along with when it expires:

{
    "access_token": "{TOKEN}",
    "expires_in": 899,
    "token_type": "Bearer"
}

Onboarding

Creating an Account

An account for the end-user must be created prior to trades being placed.

An account can be created using the endpoint v1/accounts. Below is an example request for a German customer using curl:

curl --request POST \
     --url https://broker-api.sandbox.eu.alpaca.markets/v1/accounts \
     --header 'Authorization: Bearer {token}' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
  "contact": {
    "email_address": "[email protected]",
    "phone_number": "+497123456789",
    "street_address": ["Friedrichstrasse 43"],
    "city": "Berlin",
    "country": "DEU",
    "postal_code": "10117"
  },
  "identity": {
    "given_name": "Albert",
    "family_name": "Einstein",
    "date_of_birth": "1990-01-01",
    "tax_id": "12345678911",
    "tax_id_type": "DEU_TAX_ID",
    "country_of_tax_residence": "DEU",
    "funding_source": ["employment_income"]
  },
  "disclosures": {
    "is_control_person": false,
    "is_affiliated_exchange_or_finra": false,
    "is_affiliated_exchange_or_ciro": false,
    "is_politically_exposed": false,
    "immediate_family_exposed": false
  },
  "agreements": [
    {
      "agreement": "account_agreement",
      "signed_at": "2026-04-20T12:00:00Z",
      "ip_address": "127.0.0.1"
    },
    {
      "agreement": "customer_agreement",
      "signed_at": "2026-04-20T12:00:00Z",
      "ip_address": "127.0.0.1"
    }
  ],
  "currency": "EUR"
}
'

Then once it has been created, it can be fetched using the v1/accounts/:account_id endpoint. For example:

curl -X GET "https://broker-api.sandbox.eu.alpaca.markets/v1/accounts/b6332229-32b3-455e-a612-bc77e3111336"

Customer Identification Program (CIP)

The broker-dealer should complete KYC prior to account creation on Alpaca's platform. Once account creation is complete, evidence of KYC must be submitted to the CIP endpoint.

Note: In our live environment, KYC must be completed for the end-user before making the account creation request. Accounts will be screened against Alpaca's internal blacklist, but assuming no match is found they will move to the APPROVED status immediately. This will allow trades to be placed.

Evidence of KYC can be submitted using the CIP API. An example request for the account mentioned previously (account ID b6332229-32b3-455e-a612-bc77e3111336) using curl is shown below:

curl --request POST \
     --url https://broker-api.sandbox.eu.alpaca.markets/v1/accounts/b6332229-32b3-455e-a612-bc77e3111336/cip \
     --header 'Authorization: Bearer {token}' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
  "provider_name": ["onfido"],
  "kyc": {
    "id": "my-kyc-check-id",
    "risk_level": "LOW",
    "applicant_name": "Albert Einstein",
    "email_address": "[email protected]",
    "nationality": "German",
    "id_number": "jd0000123456789",
    "date_of_birth": "1990-01-01",
    "address": "Friedrichstrasse 43",
    "postal_code": "10117",
    "country_of_residency": "DEU",
    "kyc_completed_at": "2026-04-21T15:37:03Z",
    "ip_address": "127.0.0.1",
    "check_initiated_at": "2026-04-21T15:37:03Z",
    "check_completed_at": "2026-04-21T15:37:03Z",
    "approval_status": "approved",
    "approved_by": "John Doe",
    "approved_at": "2026-04-21T15:37:03Z"
  },
  "document": {
    "id": "my-doc-check-id",
    "result": "clear",
    "status": "complete",
    "created_at": "2026-04-21T15:37:03Z",
    "image_integrity": "clear"
  },
  "photo": {
    "id": "my-photo-evidence-id",
    "result": "clear",
    "status": "complete",
    "created_at": "2021-06-10T15:37:03Z",
    "face_comparison": "clear"
  },
  "identity": {
    "id": "my-identity-check-id",
    "result": "clear",
    "status": "complete",
    "created_at": "2026-04-21T15:37:03Z",
    "sources": "clear",
    "address": "clear",
    "date_of_birth": "clear"
  },
  "watchlist": {
    "id": "my-watchlist-monitor-id",
    "result": "consider",
    "status": "complete",
    "created_at": "2026-04-21T15:37:03Z",
    "politically_exposed_person": "consider",
    "sanction": "consider",
    "adverse_media": "clear",
    "monitored_lists": "clear"
  }
}
'

This example request shows that KYC was completed using the external provider Entrust (previously known as 'Onfido') and details a few different types of checks:

  • KYC: A generic background check on the end-user, including their name and address.
  • Document: A check on a document, such as a passport.
  • Photo: A photographic check, such as a facial biometric similarity check.
  • Identity: A check performed on the end-user's identity.
  • Watchlist: A report or ongoing check that provides a breakdown of records found for the user when screening global watchlists.

The IDs provided should be identifiers in your system (or the external provider) so that Alpaca can contact you and refer to the identifiers if necessary.

Supporting Documentation

You may also want to add some supporting documents from your KYC process. Alpaca provides a documents API for any documents relating to a particular account.

Using the same account as before (account ID b6332229-32b3-455e-a612-bc77e3111336) an example with curl has been provided below.

curl --request POST \
     --url https://broker-api.sandbox.eu.alpaca.markets/v1/accounts/b6332229-32b3-455e-a612-bc77e3111336/documents/upload \
     --header 'Authorization: Bearer {token}' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
[
  {
    "document_type": "identity_verification",
    "document_sub_type": "passport",
    "content": "/9j/Cg==",
    "mime_type": "image/jpeg"
  }
]
'

Multiple documents can be uploaded at the same time. All documents must be base64 encoded, and documents larger than 10MB will not be accepted.

Requesting Trades

Once onboarding is complete, you are ready to start funding the account and requesting trades.

Funding

In our live environment, funds will be added and originate from the sending bank. Funds cannot be added via the API. However, for testing in sandbox, a set of testing endpoints are provided to add funds to your accounts.

Below is an example request to add funds in sandbox using curl:

curl --request POST \
--url https://broker-api.sandbox.eu.alpaca.markets/v1/testing/incoming_wires \
--header 'Authorization: Bearer {token}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
  "currency": "EUR",
  "amount": "10000.00",
  "wire_instructions": "FFC ABCD-12345678"
}
'

The above example adds 10000 EUR to an account with the account number 12345678 (this is the account_number from the account resource in the API) for the correspondent ABCD (you can find this in Brokerdash). Note that this endpoint is not available in our live environment.

When the funds have been added, the account's buying power will be updated after a short delay and can be used for trading.

Placing Trades

Once the account has buying power available, trades can be placed.

Below is an example request to buy 1 unit of AAPL using the same account we used previously:

curl --request POST \
--url https://broker-api.sandbox.eu.alpaca.markets/v1/trading/accounts/b6332229-32b3-455e-a612-bc77e3111336/orders \
--header 'Authorization: Bearer {token}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
  "symbol": "AAPL",
  "qty": "1",
  "side": "buy",
  "type": "market",
  "time_in_force": "day"
}
'

Updated 5 days ago

© 2025 Alpaca Securities LLC All rights reserved.

© 2025 Alpaca Crypto LLC All rights reserved.

© 2025 AlpacaDB, Inc. All rights reserved.

© 2026 WealthKernel Limited All rights reserved.

© 2026 WealthKernel Spain, A.V., S.L.U. rights reserved.

WealthKernel Limited is authorised and regulated by the Financial Conduct Authority, no. 723719, registered in England and Wales, no. 09686970, with a registered office at 41 Luke St, EC2A 4DP, London, UK,.

WealthKernel Spain, A.V., S.L.U. is authorised and registered with the Comisión Nacional del Mercado de Valores (CNMV), Official Registry No. 328, with a registered office at Avda Manoteras 8, Portal 4, Floor 4, Number B, 28050 Madrid, Spain.

Securities brokerage services are provided by Alpaca Securities LLC ("Alpaca Securities"), member FINRA/SIPC, a wholly-owned subsidiary of AlpacaDB, Inc. Technology and services are offered by AlpacaDB, Inc.