@i077/tda-api-nodejs-unofficial
v0.1.7
Published
TD Ameritrade API node.js wrapper for front-end integration
Downloads
9
Maintainers
Readme
@i077/tda-api-nodejs-unofficial
Unofficial Node.js wrapper for TD Ameritrade's API. Custom implementation for authorization flows for tokens handling and access scope.
TD Ameritrade API
The official documentations on TD Ameritrade's API can be found on their website TD Ameritrade for developers. Not all of its endpoint is included in this client.
Getting started
Signing up and creating your app with TD Ameritrade
Go to TD Ameritrade for developers, register, under "My Apps" click "add new app". Follow the instruction. Most important part is callback URL, the URL of your webapp that will capture the oAuth code that's passed back to authenticate the user on your webapp. Once your app is approved, copy the consumer key, add "@AMER.OAUTHAP" at the end, this is the clientId. If you are only interested in testing unauthenticated calls or testing with my web demos:
vue frontend demo: https://dos077.github.io/api-demo-vue/ react frontend demo: https://dos077.github.io/api-demo-react/
Installation
This library is distributed on npm. Run the following command in your project:
$ npm install @i077/tda-api-nodejs-unofficial
Using the client
import APIwrapper from '@i077/tda-api-nodejs-unofficial';
// initializing a client for TDA API
const client = APIwrapper({
clientId: 'consumer key from your app',
redirectUri: 'redirect URL for oAuth code',
storeAuth: false, // store refresh token in localStorage, default is false
logInRedirect: false, // redirect if attempt to login without a stored refresh token or oAuth code
scope: ['PlaceTrades', 'AccountAccess', 'MoveMoney'], // scope for the access grant
afterLogIn: () => console.log('client access granted'), // function to run after successful login
afterLogOut: () => console.log('client access revoked'), // function to run after successful logout
});
// run a test function to log some quote data without authentication
const testLogQuote = async () => {
const resJson = await client.quotes.unauthenticated.getQuote({ symbol: 'TD' });
console.log(resJson);
}
testLogQuote();
Authentication
TD Ameritrade API follows OAuth2's authentication. However, the implementation seems to be incomplete and consequently insecure, ~~namely the lack of scopes and~~ revoking grant. I've poked around and tried at least adding revoke access back to the API, but their access controls is incomplete and consequently, access tokens cannot be revoked. Refresh token is revokable and per OAuth's documentation, this should revoke the whole grant, unfortunately, not the case with TD. It could be updated in the future, for now, just know that logging out will only revoke the refresh token and the access token will expires 30 minutes after its grant.
Also note that there are APIs that doesn't require log in. Generally they will return delayed data and calls are subject to lower per app limit.
// if logInRedirect is true, trying to logIn without an oAuth code will redirect the browser to TDAmeritrade's login portal
client.authentication.logIn();
// once authorized TDA will redirect back to the redirect URI, with oAuth code in query, calling logIn with the code
client.authentication.logIn('oAuth code from query');
// the client will attempt to get tokens, if there's no error, the client is logged in and will run the preconfigured afterLogIn function
// expected output: client access granted
// all APIs are accessible at this point
const testAccLog = async () => {
const resJson = await client.accounts.getAccounts();
console.log(resJson);
}
testAccLog();
// Calling logOut will initiate client's calls to revoke access and refresh tokens. As noted above, only the refresh token will be revoked, even though both http request will return with status 200
client.authentication.logOut();
// expected output: client access revoked
Data format
All input and output scheme follows TD Ameritrade's JSON scheme, with some processing to make data types more logical. All input and output dates are expected and converted to JS Date objects. All multiple data points for one param are converted to array.
Accounts
// return all accounts associated with the authenticated user
const accounts = await client.accounts.getAccounts({
fields: ['balances', 'positions', 'order']
// balances is default, refer to TDA's documentation for more info
});
// return specific account
const account = await client.accounts.getAccount({
fields: ['balances', 'positions', 'order']
});
Orders
Due to the varieties of instrument TDA supports, the order flow can be pretty complicated. To streamline and reduce the order parameters, different instrument types will have different functions for placing order. Currently only equity is implemented. Official documentation
client.orders.placeOrderEquity({
accountId: 'id of the account to place order with, accounts can be access with accounts.getAccounts',
quantity: 'number of shares',
symbol: 'symbol of stock',
orderType: 'MARKET or LIMIT, etc.',
price: 69, // for limit orders
instruction: 'BUY or SELL',
});
// return orders for a specific account
clients.orders.getOrdersByPath({
accountId: 'the account ID',
maxResults: 13, // maximum number of orders to retrieve
fromEnteredTime: new Date(), // specify the first date of the orders, it's
toEnteredTime: new Date(),
status: 'ACCEPTED, QUEUED, etc.' // refer to official documentations for more
});
// return a specific order
clients.orders.getOrder({
accountId: 'account ID',
orderId: 'order ID'
});
// cancel a specific order
clients.orders.cancelOrder({
accountId: 'account ID',
orderId: 'order ID'
});
Instruments
// search an instrument with symbol
clients.instruments.searchInstruments({
symbol: 'TD',
projection: 'default set as fundamental'
// refer to official documentation for more options
})
// search without login
clients.instruments.unauthenticated.searchInstruments({
symbol: 'TD',
})
Movers
// return top movers for a market
clients.movers.getMovers({
index: '$COMPX, $DJIA, or $SPX.X',
direction: 'up or down',
change: 'value or percent'
});
// get movers without log in
clients.movers.unauthenticated.getMovers({ index, direction, change });
Option Chains
// return option chains for a symbol
clients.optionChains.getOptionChain({
symbol,
contractType,
strikeCount,
includeQuotes,
strategy,
interval,
strike,
range,
fromDate,
toDate,
volatility,
underlyingPrice,
interestRate,
daysToExpiration,
expMonth,
optionType,
});
// without log in
clients.optionChains.unauthenticated.getOptionChain();
Price History
// return price history for a symbol
clients.priceHistory.getPriceHistory({
symbol,
periodType,
period,
frequencyType,
frequency,
endDate,
startDate,
needExtendedHoursData,
});
// without log in
clients.priceHistory.unauthenticated.getPriceHistory();
Transaction History
// return transactions for a specific account
clients.transactionHistory.getTransactions({
type,
symbol,
startDate,
endDate,
accountId
});
// return specific transactions
clients.transactionHistory.getTransaction({
accountId,
transactionId
});