This documentation defines the API calls made when working with Spotware’s broker SSO (OAuth) flows and InApp controls. The documentation also contains essential provisions for integration including conformance tests and process diagrams.
Note that the SSO (OAuth) solution is a paid add-on. It is not provided by default as part of the onboarding package. To proceed with integration and access additional information, contact Spotware’s account management team.
The SSO API is not a replacement for the WebServices API, and vice versa. Instead, the SSO API is complementary to all other APIs offered by Spotware. You do not lose access to the functionalities of the WebServices API by integrating with the SSO API.
Spotware’s SSO (OAuth) flows establish a single access point for all actions related to user creation and authorisation inside the trading terminal and a broker’s client area/CRM. InApp controls allow users to perform certain actions (e.g., passing KYC) directly inside cTrader when previously these actions could only be completed in brokers’ client areas.
This is achieved via exposing several endpoints in the cTrader backend and requiring brokers to expose other endpoints inside their client area/CRM. Using a simple REST API, you can ensure that your traders can access your client area/CRM directly from the trading terminal, eliminating the need for needlesly complex UX. The deployment of SSO (OAuth) and InApp controls is highly recommended for any broker wishing to provide superior UX and boost lead-to-trader conversion by widening the typical onboarding funnel.
Even though this documentation discusses SSO (OAuth) and InApp flows separately, InApp controls are included in the broker SSO (OAuth) package. Deploying SSO (OAuth) flow also means deploying InApp controls and vice versa.
The SSO (OAuth) flow gives traders the opportunity to perform deposits/withdrawals inside the platform. Note this is done by displaying an interactive deposit/withdrawal screen entirely hosted inside your client area. cTrader itself is not a payment processor; all deposit/withdrawal requests and resolutions would need to be handled by your usual service provider.
For a detailed look at broker SSO (OAuth), you can consult this video.
Section 2 includes the general provisions and rules for working with the broker SSO (OAuth) web API covered in this document.
Section 5 contains process diagrams summarising the main SSO (OAuth) flows.
Section 6 details the conformance tests you need to pass as part of deployment of the SSO (OAuth) solution and its continuous integration.
Section 7 outlines the initial actions you need to make when deploying the SSO (OAuth) solution.
Section 8 contains concluding remarks and the possible directions for the future development of the SSO (OAuth) flows and InApp controls.
Section 9 includes a list of the custom error codes you may receive when working with our SSO (OAuth) flows.