Getting Started with Praemium UK api

This page will help you get started with Praemium UK api. You'll be up and running in a jiffy!

Introduction

The Praemium UK API enables your organisation to access information about your clients' portfolios from our portfolio administration system.

This site provides you with full details of each of the endpoints in the API, including the URL, parameters, validation tips, and what to expect in our response.

Authentication and Tokens

We will provide you with a token with the appropriate access level for your needs.

These tokens are application tokens and should not be exposed client-side, see security note below for more information on client-side authentication and control.

Roles and access/authorisation permissions are applied to tokens, including the ability to control these per-route and feature within each suite, so in hostile environments or front-office/back-office environments security should be designed-in to make use of these features.

Please contact us if you need us to issue you a new token or to revoke an existing token due to compromise or suspicion of compromise.

❗️

Security

We provide you with a token for testing and a production token. While your token will work on this site, we recommend that you do not use it here as it would mean your data would be shared with the third-party site provider.

These tokens should not be exposed client-side, and instead sessions should be established using the application tokens, which are then presented to the client/applications for use.

If client authentication/authorisation is managed by your application, Praemium can assist in the security and design, as it is in all our interests including clients, to ensure security and appropriate levels of authorisation and access.

Usage Limit

The Praemium API limits requests made to each Praemium service.

The default is 5 requests per second, if you hit the limit the API will return HTTP code 429. If you genuinely need to make more requests, please speak to our support team.

Calling the API

The API can be called using any Http Client. Each request should contain the following set of headers:

  • X-PPS-Token: This is your Authentication token and is specific to your client application.
  • Content-Type: The content type of the data in the request. (currently only application/json is supported)
  • X-PPS-API-Version: This is the version of the of the API you are using (in the format ####.##.## as seen in the top left hand corner of this page, below the Praemium logo).
//Example using RestSharp
var client = new RestClient("https://api.praemium.co.uk/public");

var request = new RestRequest("api/resource/", Method.POST);
request.AddHeader("X-PPS-Token", "{your token here}");
request.AddHeader("Content-Type", "application/json");
request.AddHeader("X-PPS-API-Version", "2017.01.12");

var response = client.Execute(request);
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://dev.onpraemium.com/public/", false);
xhr.send();

Endpoints

For a full list of API endpoints see the API Reference.