/Robinhood

Unofficial Documentation of Robinhood Trade's Private API

The UnlicenseUnlicense

NOTICE: Consider this project dead.

I continued to keep this documentation up to date and it's now complete locally and until recently, I was happy to answer questions that wouldn't potentially expose a private, internal API, unreleased feature, or sensitive 3rd party data. But certain ones here have moved from friendly open source devs to angry, weird stalkers and have even used this documentation maliciously to steal assets and hijack accounts. Sadly, closing the issue tracker was only a temporary fix. Shuttering the project will be more permanent.

To the weird ones: Do not contact me about Robinhood. Do not send any more email. Do not text me. Do not call me anymore. Do not cyberstalk my teenage family member and leave messages for me on her voicemail anymore. Stop offering money to help you. I will not.

To everyone else: Bad actors, profiteers, and scammers have created a situation that puts us all at risk of having our accounts closed. I suggest you find ways to distance yourselves. These people have pushed Robinhood into making drastic changes to their API, shutting down established partnerships, and enforcing their customer agreements. If you haven't been contacted by an automated support agent yet for using the API directly, don't be too surprised if you are in the near future.

I'm not sure what will happen to this repo yet but I have had a good relationship with RH HQ since there was a waiting list to even create an account and I intend to stay in their good graces. I will not plug one here but commission-free firms exist that are designed to be accessed via their API. If that's in line with your plans, use one of those firms.


**NOTICE: I do not need pull requests or other contributions of endpoints!

Unofficial Documentation of Robinhood Trade's Private API

Table of Contents:

See also

  • Authentication.md for methods related to user authentication, password recovery, etc.
  • Banking.md for bank accounts & ACH transfers methods
  • Order.md for order-related functions (placing, cancelling, listing previous orders, etc.)
  • Options.md for options related endpoints
  • Quote.md for stock quotes
  • Fundamentals.md for basic, fundamental data
  • Instrument.md for internal reference to financial instruments
  • Watchlist.md for watchlists management
  • Account.md talks about gathering and modifying user and account information
  • Settings.md covers notifications and other settings
  • Markets.md describes the API for getting basic info about specific exchanges themselves
  • Referrals.md is all about account referrals
  • Statistics.md exposes the new social/statistical endpoints
  • Tags.md exposes the new categorizing endpoints

Things I have yet to organize are in Unsorted.md

Introduction

Robinhood is a commission-free, online securities brokerage. As you would expect, being an online service means everything is handled through a request that is made to a specific URL.

API Security

The HTTPS protocol is used to access the Robinhood API. Transactions require security because most calls transmit actual account informaion. SSL Pinning is used in the official Android and iOS apps to prevent MITM attacks; you would be wise to do the same at the very least.

Calls to API endpoints make use of two different levels of authentication:

  1. None: No authentication. Anyone can query the method.
  2. Token: Requires an authorization token generated with a call to log in.

Calls which require no authentication are generally informational (quote gathering, securities lookup, etc.).

Authorized calls require an Authorization HTTP Header with the authentication type set as Token (Example: Authorization: Token 40charauthozationtokenherexxxxxxxxxxxxxx).

API Error Reporting

The API reports incorrect data or improper use with HTTP status codes and JSON objects returned as body content. Some that I've run into include:

HTTP Status Key Value What I Did Wrong
400 non_field_errors ["Unable to log in with provided credentials."] Attempted to log in with incorrect username/password
400 password ["This field may not be blank."] Attempted to log in without a password
401 detail ["Invalid token."] Attempted to use cached token after logging out
400 password ["This password is too short. It must contain at least 10 characters.", "This password is too common."] Attempted to change my password to password

...you get the idea. Letting you know exactly what went wrong makes the API almost self-documenting so thanks Robinhood.

Pagination

Some data is returned from the Robinhood API as paginated data with next and previous cursors already in URL form.

If your call returns paginated data, it will look like this call to https://api.robinhood.com/instruments/:

{
    "previous": null,
    "results": [{
        "splits" : "https://api.robinhood.com/instruments/42e07e3a-ca7a-4abc-8c23-de49cb657c62/splits/",
        "margin_initial_ratio" : "1.0000",
        "url" : "https://api.robinhood.com/instruments/42e07e3a-ca7a-4abc-8c23-de49cb657c62/",
        "quote" : "https://api.robinhood.com/quotes/SBPH/",
        "symbol" : "SBPH",
        "bloomberg_unique" : "EQ0000000028928752",
        "list_date" : null,
        "fundamentals" : "https://api.robinhood.com/fundamentals/SBPH/",
        "state" : "active",
        "tradeable" : true,
        "maintenance_ratio" : "1.0000",
        "id" : "42e07e3a-ca7a-4abc-8c23-de49cb657c62",
        "market" : "https://api.robinhood.com/markets/XNAS/",
        "name" : "Spring Bank Pharmaceuticals, Inc. Common Stock"
    },
        ...
    ],
    "next": "https://api.robinhood.com/instruments/?cursor=cD04NjUz"
}

To get the next page of results, just use the next URL.

Semi-Pagination

Some data is returned as a list of results as if they were paginate but the API doesn't supply us with previous or next keys.