enmacc connect API

Developers’ guide to using enmacc CONNECT HTTPS API for faster energy trading integration.

Welcome to the latest enmacc API documentation

Encompassing all versions of enmacc APIs, including v2.0, v2.1, and the newest addition, v2 .2, along with the risk and enmarket APIs. As a developer, you’ll find all the information you need to integrate seamlessly with our platform. Additionally, if you need to reference our old documentation, it’s still available here.

Connecting to enmacc

With enmacc connect, you can integrate enmacc into your internal workflow allowing you to have a more efficient and quicker trading process. E.g. it enables an information exchange between your Portfolio Management System (PFM), Risk Management Tool, Pricing Tools or similar systems and enmacc to digitize your energy trading processes.

Example use-cases:
    Trade Capturing Automatic RFQ creation on entender Automatic quoting of entender RFQs Active monitoring of entender RFQs

    enmacc CONNECT provides simple and secure RESTful HTTPS interfaces for exploring and interacting with the enmacc platform from your own applications.

    1. Register

    We'll assign an OAuth client_id and client_secret for each of your applications. We additionally give you access to a sandbox environment for development and testing.

    Please contact us directly info@enmacc.com

    2. Authenticate

    Authenticate your application with enmacc CONNECT. You retrieve an active authorization token with your secure credentials.

    Check the POST /authenticate endpoint for more information.

    3. Request API

    Make requests to our API endpoints with your OAuth credentials.

    enmacc CONNECT uses HTTPS over TLS (HyperText Transfer Protocol Secure) as a secured, bidirectional tunnel for communication.

    API Keys & Usage Plans

    There are measurements in place to protect the API from abuse. This includes a request quota and throttling using the token-bucket pattern. Every client needs to obtain a valid API key to be able to use the API. This key is not used for authentication but to map the requests to a usage plan. Consider this API key a secret! Do not publish the API key. API keys can be revoked to prevent or stop abuse.

    Every API request has to have a valid x-api-key HTTP request header.

    Every request is counted against your usage plan. The default usage plan is as follows:

    • Throttling (requests per second): 10 req/sec
    • Burst (bucket size): 100
    • Quota (requests per day): 5000 req/day

    These limits are soft-limits. You can request an increase of these limits. Please contact us directly via info@enmacc.com and describe your use-case.

    Authentication

    A two-legged OAuth2 approach (using client credentials) is implemented for authentication and results in a JWT access token. OAuth is an open industry-standard protocol to allow secure authorisation in a simple and standardized manner for web, mobile and desktop applications. The necessary credentials are provided by enmacc. Use the POST /authenticate endpoint with your provided credentials to receive a valid JWT token. This token is needed to authenticate you for every subsequent request.

    1. Request an access token with provided credentials(client-id, client-secret and x-api-key):
      Use the POST /authenticate with your client-id and client-secret as parameters. Don't forget to set the x-api-key HTTP header.
    2. A valid access-token is returned in the response body.
    3. For subsequent request to other endpoints, two HTTP headers have to be set accordingly:
      • x-api-key: Provided API key for usage plans
      • Authorization: "Bearer $access-token", where $access-token represent the value of the access-token field of the previous request
      • Note: The HTTP header value has to start with the string "Bearer ".
    4. Using the HTTP headers described in the previous step, protected resources can be accessed.
      Note: By default, the access-token expires at midnight of the issued date. Therefore the token can be reused for multiple requests over the day.
    After authentication, all requests must have a valid x-api-key and Authorization HTTP request header.

    Subscribe to the enmacc Developer Newsletter
    To get notified about upcoming changes or updates of the enmacc API, we advise to subscribe to the enmacc developer newsletter.
    I want to receive communication via email

    We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp's privacy practices here.