Broker APIs
A broker API is a programmatic interface a broker exposes so that software — rather than a human clicking a screen — can fetch market data, read account state, and place, modify or cancel orders.
Quick answer: A broker API is a programmatic interface a broker exposes so that software — rather than a human clicking a screen — can fetch market data, read account state, and place, modify or cancel orders.
In simple words
A broker API is a set of doorways into your broker's systems that a program can walk through. Instead of you tapping buy on an app, your code sends a structured message that says buy 1 lot of Nifty at market, and the broker responds with an order id. It is the same account and the same exchange rules — just driven by code instead of fingers.
Purpose
Broker APIs exist so that systematic and automated strategies can run without a human in the loop, turning tested rules into real orders reliably and at machine speed.
Visual explanation
Broker APIs
Where the broker API sits between your trading system and the exchange.
Professional explanation
What an API actually is
An API (Application Programming Interface) is a contract: a documented set of operations, their inputs, their outputs and their error conditions. A broker API specifies, for example, that to place an order you send an HTTP request to a named endpoint with fields like tradingsymbol, exchange, transaction_type, quantity, order_type and product, and that you will receive back either an order id or a structured error. Your code and the broker's servers never share memory; they exchange messages over the network according to this contract. Because the contract is explicit, you can build against it, test it, and reason about failure.
The three capability areas
Broker APIs cluster into three families of functionality. Market data endpoints return quotes, historical candles, the full instrument master and often a live streaming feed. Order and trade endpoints let you place, modify, cancel and query orders, and read fills, positions and the order book. Account endpoints expose funds, margins, holdings and the profile. A complete trading system touches all three: it reads data to generate a signal, checks funds and margin before acting, places the order, then polls or streams to confirm the fill and reconcile positions.
REST plus streaming, together
Almost every broker API is two protocols working in tandem. A REST (request/response) interface handles discrete actions — place order, cancel order, fetch positions — where you ask once and get one answer. A WebSocket (persistent streaming) interface pushes continuous data — live ticks, order-status updates — without you asking repeatedly. The design rule is durable: use REST to change state, use the stream to observe state changing. Confusing the two — for example, polling REST every 100 ms for prices instead of subscribing to the stream — is a common way to exhaust rate limits and miss ticks.
The India landscape and SEBI-approved access
In India several brokers expose retail-accessible APIs — Zerodha's Kite Connect and Angel One's SmartAPI are widely used examples, and others offer comparable interfaces. These are not back doors: order flow still passes through the broker's risk checks and reaches NSE or BSE under the same exchange rules as manual trading. SEBI has issued a framework governing retail algorithmic trading that assigns responsibilities to brokers, requires registration or tagging of algos in some cases, and distinguishes static from dynamic strategies. You must use only exchange- and broker-approved routes; screen-scraping or reverse-engineering an app's private endpoints is both fragile and against terms of service. Treat the current SEBI circulars and your broker's policy as the authority, because the rules evolve.
Statefulness and the source of truth
A critical mental model: the broker is the single source of truth for your account, not your program's memory. Your code holds a belief about your positions; the broker holds the fact. Network drops, restarts and partial fills can desynchronise the two. Robust systems therefore treat every local state as a cache that must be reconciled against the broker's positions and order book — typically at startup and periodically thereafter. Assuming your in-memory view is correct after an outage is how automated systems place duplicate or contradictory orders.
Idempotency and confirmation
Because the network can fail after your request leaves but before the response returns, you can never assume an order succeeded just because you sent it. A well-built client records the intent, sends the request, and then confirms the resulting state through the order book or a stream update before acting further. Some APIs support a client-supplied tag or reference on the order so you can detect whether a retried request created a duplicate. Designing for at-most-once order creation despite an at-least-once network is the central reliability problem of broker automation.
Manual trading vs API-driven trading
| Aspect | Manual (app/terminal) | API-driven (code) |
|---|---|---|
| Who acts | A human clicks | A program sends requests |
| Speed & scale | One order at a time | Many symbols, machine speed |
| Consistency | Subject to emotion/fatigue | Exactly the coded rules |
| Failure mode | Misclick, hesitation | Bug, outage, desync — can repeat fast |
| Source of truth | The screen you read | The broker, reconciled by code |
Practical example
Illustrative example (Indian market)
Suppose you run a simple end-of-day system on 20 Nifty-50 stocks with capital of about ₹5,00,000. Each evening your program calls the market-data endpoint to pull the day's candles, computes signals, then calls the funds endpoint to confirm available margin before acting. For two buy signals it sends two order requests and receives two order ids. Next morning it subscribes to the order-update stream, sees both fills, and reconciles its position book against the broker's positions endpoint. No number here is a recommendation — it simply shows the data, funds and order capabilities working together in one daily cycle.
In India, API order flow is still bound by exchange mechanics: F&O trades in fixed lots (illustratively 75 for Nifty), attract STT and stamp duty, and are subject to the exchange's circuit limits and product types (MIS, CNC, NRML). An API does not exempt you from any of these — it automates decisions that must still respect every regulatory and cost frictions of the live market.
Advantages
- Turns tested rules into real orders without a human watching the screen
- Scales across many instruments simultaneously, which manual trading cannot
- Enables systematic reconciliation, logging and audit of every action
- Gives access to structured historical and live data for research and execution
Limitations
- The broker, not your code, is the source of truth; local state can silently desync
- APIs change versions and deprecate endpoints, breaking working systems without notice
- Access is subject to SEBI and broker policy, which can restrict or tag automated flow
- A bug can place wrong or duplicate orders at machine speed before you notice
- Data feeds and endpoints have outages; the system must degrade safely, not blindly
Why it matters in practice
- It is the single bridge between a strategy and realised P&L — everything downstream depends on it
- Its reliability, not the strategy's cleverness, often determines whether an automated system survives
Common mistakes
- Assuming an order succeeded because the request was sent, without confirming the resulting state
- Trusting in-memory positions after a restart or network drop instead of reconciling with the broker
- Polling REST endpoints for prices instead of subscribing to the streaming feed, exhausting rate limits
- Hardcoding API keys or access tokens into source code that then ends up in version control
- Using unofficial or reverse-engineered endpoints that break and violate terms of service
- Ignoring the SEBI/broker framework for retail algos and treating the API as a rule-free channel
Professional usage
Professional desks treat the broker or exchange gateway as an untrusted, failure-prone dependency and wrap it in an order-management layer that enforces idempotency, reconciles state continuously, and isolates strategy logic from connectivity. They version-pin the API, maintain a test/sandbox environment, and monitor connectivity as a first-class health signal. The strategy is considered the easy part; the plumbing that keeps orders correct through outages is where the engineering effort goes.
Key takeaways
- A broker API is a documented contract for reading data and account state and driving orders from code
- It combines REST for actions with a WebSocket stream for live data — use each for its purpose
- In India use only SEBI- and broker-approved access; the exchange rules and costs still fully apply
- The broker is the source of truth — always confirm and reconcile rather than trusting local state
Frequently asked questions
What is a broker API?
Is using a broker API legal in India?
What can I do with a broker API?
Which brokers in India offer APIs?
Do I still pay taxes and charges on API orders?
Is a broker API the same as a data vendor API?
Why is the broker considered the source of truth?
Can a broker API guarantee my order fills?
What is the difference between the REST and streaming parts?
Do I need coding skills to use a broker API?
Can API access be revoked or restricted?
What happens to my orders if my program crashes?
Is a broker API safe to use?
Voice search & related questions
Natural-language questions people ask about Broker APIs.
What is a broker API in simple terms?
Can I automate my trades using a broker API in India?
Does a broker API make my strategy profitable?
What three things can a broker API do?
Is the app and the API the same account?
What is the biggest risk of using a broker API?
Sources & references
Last reviewed 11 July 2026. Educational content only — not investment advice. Markets and rules change; verify current conventions with SEBI, NSE/BSE and your broker.