API

Base URL

The Corsa API is served through a unified API Gateway. All requests should be directed to the gateway URL provided to you during onboarding.

Example Base URL: https://api.corsa.finance

Authentication

The Corsa API uses API tokens for authentication. All requests to the API must include a valid API token in the Authorization header using the Bearer scheme.

Header Format:

Authorization: Bearer <API_TOKEN>:<API_SECRET>

Example:

Authorization: Bearer dd2s3364-e548-3e78-8s41:sk_7ipzOQUKI-BPKf7koR1asf4QMnOc

Your API token consists of two parts separated by a colon (:):

Token ID: The first part (e.g., dd2s3364-e548-3e78-8s41)
Secret Key: The second part (e.g., sk_7ipzOQUKI-BPKf7koR1asf4QMnOc)

The API token is verified using signature validation to ensure secure access to your platform data.

API Structure

The API is organized into RESTful resources. The gateway unifies multiple microservices under a single domain.

Example Resources

/v1/clients: Manage individual and corporate clients.
/v1/alerts: Create and manage compliance alerts.
/v1/operations: Record financial operations (deposits, withdrawals).

Rate Limiting

To ensure service stability, the API implements rate limiting.

Limits are applied per-user (based on the platformId that correlates to your token).
If you exceed the limit, you will receive a 429 Too Many Requests response.

Generating an API Key

API keys can be created through the Corsa web application:

Log in to your Corsa account.
Navigate to Settings → Developers → API Keys.
On the API Keys page, click to generate a new key as shown below:

You can optionally set an expiration date and add a custom name for easier identification.

Using the API Key

Once you have your key, include it in the Authorization header of your API requests using the following format:

Authorization: Bearer {your-api-key}:{your-api-secret}

For a full list of available endpoints and request examples, check out our API Reference