Quickstart

This guide walks you from signing up to making your first authenticated request. We'll create a workspace, mint an API key, and fetch the list of accounts — all in five minutes.

Create an application

Head to your workspace settings and create a new developer application. You'll get a client_id and a client_secret — hold onto the secret, you can only see it once.

Use separate applications for sandbox and production. Aleta's OAuth flow refuses to issue tokens that cross environments, which keeps test data from leaking into your live integration.

Mint an access token

Exchange your client credentials for an access token using the standard OAuth2 client-credentials flow.

Request an access token

curl -X POST https://api.aleta.io/oauth/token \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "client_credentials",
    "client_id": "YOUR_CLIENT_ID",
    "client_secret": "YOUR_CLIENT_SECRET"
  }'

The response contains a bearer token and its TTL in seconds.

Response

{
  "access_token": "aleta_live_9b1c…",
  "token_type": "Bearer",
  "expires_in": 3600
}

List your first accounts

With the token in hand, call GET /v1/accounts. The API returns a paginated list of every account the authenticated entity owns.

Request

GET

/v1/accounts

curl https://api.aleta.io/v1/accounts \
  -H "Authorization: Bearer aleta_live_9b1c…"

What's next

Dig into authentication

Read the authentication guide to learn about token refresh and per-entity scopes.
Browse the full API reference for every endpoint.
Configure webhooks if you want to react to account changes in real time rather than polling.