Returns an access token.

This method returns an access token, which confirms that the user has authorized the application to access user data.

All calls to the E*TRADE API (e.g., accountlist, placeequityorder, etc.) must include this access token along with the consumer key, timestamp, nonce, signature method, and signature. This can be done in the query string, but is typically done in the HTTP header.

Token lifespan

By default, the access token expires at the end of the current calendar day, US Eastern time. Once the token has expired, no requests will be processed for that token until the OAuth process is repeated - i.e., the user must log in again and the application must secure a new access token.

During the current day, if the application does not make any requests for two hours, the access token is inactivated. In this inactive state, the access token is not valid for authorizing requests. It must be reactivated using the Renew Access Token API.

HTTP Method: GET
Request Parameters
Property Type Required? Description
oauth_consumer_key string Required The value used by the consumer to identify itself to the service provider.
oauth_timestamp integer Required The date and time of the request, in epoch time. Must be accurate to within five minutes.
oauth_nonce string Required A nonce, as described in the authorization guide - roughly, an arbitrary or random value that cannot be used again with the same timestamp.
oauth_signature_method string Required The signature method used by the consumer to sign the request. The only supported value is "HMAC-SHA1".
oauth_signature string Required Signature generated with the shared secret and token secret using the specified oauth_signature_method, as described in OAuth documentation.
oauth_token string Required The consumer’s request token to be exchanged for an access token.
oauth_verifier string Required The code received by the user to authenticate with the third-party application.
Response Properties
Sample Request
GET https://etws.etrade.com/oauth/access_token
HTTP header
Authorization: OAuth
realm="",oauth_signature="FjoSQaFDKEDK1FJazlY3xArNflk%3D",oauth_nonce="LTg2ODUzOTQ5MTEzMTY3MzQwMzE%3D",oauth_signature_method="HMAC-SHA1",oauth_consumer_key= "282683cc9e4b8fc81dea6bc687d46758",oauth_timestamp="1273254425",oauth_verifier="Y27X25F",oauth_token=%2FiQRgQCRGPo7Xdk6G8QDSEzX0Jsy6sKNcULcDavAGgU%3D
Sample Response
  • The production access token expires by default at midnight US Eastern time.
  • Technically, the access token and related parameters can be passed with HTTP requests as part of the URL, but we recommend this information be passed in the header of the request instead.
Property Type Description
oauth_token string The consumer’s access token
oauth_token_secret integer The token secret

By using E*TRADE API ("API") and accepting the terms of the Application Programming Interface License Agreement and the Application Programming Interface User Agreement, you agree that API may employ security policies, procedures and systems of Third Party providers which may or may not be less stringent and secure than the policies, procedures and systems of E*TRADE Securities LLC ("E*TRADE") or its affiliates. Material provided on API may have been produced by independent third parties not affiliated or endorsed by E*TRADE or its affiliates ("Third Party"). To the extent that API or Third Party providers express opinions or make recommendations, you understand that such opinions or recommendations are expressed by the Third Party provider and are not the opinions or recommendations of E*TRADE or its affiliates. E*TRADE is not responsible for the accuracy of market data displayed on API or made available by Third Party providers. There may be latency between the time an order (or other information) is submitted from API and the time the order is received by E*TRADE. The E*TRADE Two Second Execution Guarantee or any similar guarantee does not apply for orders placed through API and Third Party provider web sites. The E*TRADE CompleteTM Protection Guarantee does not apply. Orders created and submitted through API are not vetted until they are received by E*TRADE. It is possible that E*TRADE may reject an order placed through API. Please see the Application Programming Interface License Agreement and the Application Programming Interface User Agreement for more information.

The E*TRADE family of companies provides financial services including trading, investing, and related banking products and services to retail investors.

Securities products and services offered by E*TRADE Securities LLC, Member FINRA/SIPC.

System response and account access times may vary due to a variety of factors, including trading volumes, market conditions, system performance, and other factors.