NON-CUSTODIAL·AES-256-GCM ENCRYPTION·BUILT ON FREQTRADE
DOCSAPISIGN IN
Every plan · org-admin managed
Developer platform

Drive the whole platform from a GraphQL API

VolatiCloud is built on a GraphQL API — not a bolt-on REST wrapper. Authenticate machine-to-machine with Keycloak client credentials and automate bots, strategies, and backtests in code.

Start 7-day free trialExplore features
What it is

Drive the whole platform from a GraphQL API, explained.

Everything the dashboard does, it does through a GraphQL API — so anything you can do in the UI, you can automate in code. GraphQL lets you request exactly the fields you need in a single round trip, which makes it a natural fit for scripting bots, strategies, and backtests.

Programmatic access is machine-to-machine: an organization admin creates an API client, and authentication uses Keycloak's client-credentials flow. API client management is an admin capability and is protected by step-up authentication, so issuing credentials is a deliberate, secured action.

How it works

From idea to a running bot.

API access is a first-class, admin-controlled capability — not an afterthought.

01

Create an API client

An org admin creates an API client; this is gated by the manage-api-clients permission and step-up auth.

02

Authenticate machine-to-machine

Use the Keycloak client-credentials flow to obtain a token for your client — no interactive login.

03

Query and mutate

Call the GraphQL API to read state and drive actions: create strategies, run backtests, manage bots.

04

Automate your workflow

Wire the API into your own scripts, dashboards, or CI to run VolatiCloud the way you work.

Who it's for

Built for the way you trade.

The API is for developers who want VolatiCloud as infrastructure, not just a UI.

Builders

Script repetitive tasks — spin up backtests, rotate strategies, manage bots — instead of clicking through them.

Integrators

Connect VolatiCloud to your own tooling, internal dashboards, or data pipelines via GraphQL.

Teams

Issue scoped API clients to services, controlled by org admins with step-up auth.

  • GraphQL API — request exactly the fields you need
  • Machine-to-machine via Keycloak client credentials
  • Org-admin managed API clients
  • Protected by step-up authentication
  • Automate bots, strategies, and backtests
  • The same API the dashboard uses
FAQ

Frequently asked questions.

Is the API REST or GraphQL?

GraphQL. The whole platform is built on a GraphQL API, which lets you fetch exactly the data you need in a single request rather than stitching together REST endpoints.

How do I authenticate?

Machine-to-machine, using Keycloak's client-credentials flow. An organization admin creates an API client, and your service exchanges its client credentials for an access token.

Who can create API clients?

Organization admins with the manage-api-clients permission. Creating and managing API clients is also protected by step-up authentication.

What can I do with the API?

Anything the dashboard does — create and manage strategies, run backtests, control bots, and read live state — because the dashboard itself runs on the same GraphQL API.

Keep exploring

Related capabilities.

MCP serverDrive bots from AI agentsAI assistantAgentic control in-appTradingView webhooksExternal signals into botsEncryption & BYOKCredential security and step-up

Ship your first live bot this afternoon.

Connect an exchange, build a strategy in the visual builder, backtest it on real data, and deploy. Start a 7-day Pro trial — no credit card required.

Start 7-day free trialTalk to us

No credit card required · Cancel any time