App Registration & Integration Access
Understand when personal API keys are enough, when you need a registered application, and how OAuth-based (SSO-style) access fits into production integrations and partner programs.
When to use API keys
API keys tied to your eToro account are appropriate for personal use, learning, and smaller projects where you are the primary user or your software acts only on your behalf within documented limits. They are ideal for prototypes, scripts, local tools, and early testing before you commit to a multi-user product.
When to register an app
Register an application when you need production-grade integration, identity flows for third-party users, SSO-style OAuth, or partner-level access with clear audit boundaries. Registration aligns your client with eToro's security review, redirect URI allowlists, and program terms — not just a single developer key.
What SSO app registration is
SSO app registration refers to registering an OAuth-based client so users can sign in with eToro and authorize your application with explicit scopes. Access tokens are short-lived; your backend stores refresh tokens securely and renews them according to eToro's documented flows — the same class of pattern used across modern financial and identity providers.
This is distinct from pasting a personal API key into a server: registered apps are identified by client credentials and redirect URIs that must match what you ship in production.
How to request access
Submit a registration request through the channels described on the official API Portal — including partner or integration inquiry forms where offered. Summarize your product, expected traffic, and which APIs you need. The Builders Portal does not host the submission form itself; it documents what to prepare and links to authoritative next steps.
Required information
Exact fields may vary by program, but reviewers typically need:
- Application display name and a concise description of what the app does for users.
- Technical contact and, for organizations, the owning entity name.
- OAuth redirect URIs (exact HTTPS origins and paths you will use in production).
- Intended API products and scopes — trading, market data, portfolio, social, etc.
- Links or attachments that help reviewers test: staging URL, demo video, or test account notes when applicable.
What happens after submission
- Your request enters a review queue. eToro may ask clarifying questions about security, data use, or UX.
- If approved, you receive credentials or configuration for the registered application (including OAuth client details where applicable).
- You integrate using the documented flows — tokens, refresh behavior, and error handling as described in the API Portal and learn guides.
- Ongoing compliance: changes to redirect URIs or material app behavior may require an update or re-review.
Supporting documentation
Partners & Integrations
Embedded experiences, enterprise requirements, and collaboration patterns for teams shipping with eToro.