The Lab

Expand all   Collapse all

This page documents Reflector's REST API.


The web server services requests on different threads than those that listen on TCP frames. As a result, some (minimal) amount of synchronization is required. All requests marked as GET either does not synchronize or at most grabs a read lock. Everything else (POST, PUT, DEL) requires scheduling and waiting. The goal is always to minimize the amount of work and synchronization required when servicing TCP frames.

All attempts to change configuration will be acknowledged with a reply with an HTTP status. It will have a ConfigFeedback categorization if actually serviced by the main thread. It may contain more details in the event of a rejection.


HTTP StatusSourceConfig FeedbackDescription
200 OKmain threadSUCCESSconfig change accepted and logged
200 OKbothIDEMPOTENTconfig change accepted without change
400 BAD REQUESTweb server-request malformed
404 NOT FOUNDweb server-entity not found
405 METHOD NOT ALLOWEDweb server-http method/action not allowed
409 CONFLICTmain threadREJECTgeneral reject (unused)
409 CONFLICTmain threadCOLLISIONcollision with existing name/value
409 CONFLICTmain threadNOT_FOUNDname/value not found
409 CONFLICTmain threadUNKNOWN_ACCOUNTaccount lookup failed
409 CONFLICTmain threadTABLE_FULLmemory pool full
409 CONFLICTmain threadHASH_COLLISIONhash value collision
409 CONFLICTmain threadMALFORMED_NAMEmalformed name/identifier
409 CONFLICTmain threadMALFORMED_PASSmalformed password
409 CONFLICTmain threadMALFORMED_DATEmalformed date
409 CONFLICTmain threadTYPE_MISMATCHgeneral category mismatch
409 CONFLICTmain threadSEQ_MISMATCHsequence number mismatch
409 CONFLICTmain threadOUT_OF_RANGEvalue/quantity out of range


Control

There are two types of commands here: state queries and shutdown.

Are You OK?

  • http method/path : GET : [root]/system/ruok
  • reply : Replies with "imok".

Environment

  • http method/path : GET : [root]/system/envi
  • reply : Replies with JSON object detailing compilation and runtime environment properties. This includes compiler version, selected compiler flags, custom flags, compile timestamp, dependency list & versions, hardware details, os name & details, resource limits, & executable file stats.

State

  • http method/path : GET : [root]/system/stat
  • reply : Replies with JSON object detailing runtime properties. This includes overall resource usage, various timestamps, process scheduling priorities, startup args, utilization of various memory pools, and the adjustment ledger state.

Update DMS Slack

  • http method/path : POST : [root]/system/update_dms_slack?[dms_slack_seconds]
  • [dmsslackseconds] : Integral number of seconds, must be between 45 and 1200 inclusive.

Shutdown

  • http method/path : POST : [root]/system/shutdown
  • reply : Performs an orderly shutdown.

Abort

  • http method/path : POST : [root]/system/abort
  • reply : Shuts down via SIGKILL. Not recommended for normal use.

Invariants

Show Exchange Codes

Exchange Codes identify either an exchange or a bank. When banks or exchanges provide multiple venues, they are typically combined in one because of convenience. This is reinforced by the fact that Reflector's FIX parser is mostly venue-agnostic. An exception is LMAX, whose FIX.4.4 feed is drastically different from its FIX.4.2 feed.

  • http method/path : GET : [root]/invariants/exchange_codes
  • reply : Replies with JSON array that lists all available exchange codes. example:
[ "FIX_360T", "FIX_ADS", "FIX_ANZ", "FIX_BAML", "FIX_Barclays", "FIX_BGC", "FIX_Bloomberg" , "FIX_BNPParibas", "FIX_CIBC", "FIX_Citadel", "FIX_Citi", "FIX_Commerz", "FIX_CreditSuisse" , "FIX_Currenex", "FIX_Deltix", "FIX_Deutsche", "FIX_DMALINK", "FIX_EBS", "FIX_Edgewater" , "FIX_Fastmatch", "FIX_FirstDerivative", "FIX_FlexTrade", "FIX_FXall", "FIX_FXCM" , "FIX_FXSpotStream", "FIX_GainGTX", "FIX_GFX", "FIX_GoldmanSachs", "FIX_GSA", "FIX_HenningCarey" , "FIX_Hotspot", "FIX_HSBC", "FIX_IG", "FIX_Integral", "FIX_ITG", "FIX_JPMorgan", "FIX_KCG" , "FIX_LMAX42", "FIX_LMAX44", "FIX_LumeFX", "FIX_MakoFX", "FIX_MorganStanley", "FIX_Nomura" , "FIX_ParFX", "FIX_Pragma", "FIX_PrimeXM", "FIX_RBC", "FIX_RBS", "FIX_Reuters", "FIX_Saxo" , "FIX_SEB", "FIX_SmartTrade", "FIX_SocGen", "FIX_SolidFX", "FIX_SpotEX", "FIX_StandardChartered" , "FIX_StateStreet", "FIX_SunTrading", "FIX_UBS", "FIX_Virtu", "FIX_Xenfin", "FIX_XTX" ]

Show Currencies

  • http method/path : GET : [root]/invariants/currencies
  • reply : Replies with JSON array that lists all available currencies. example:
[ "USD", "EUR", "JPY", "GBP", "AUD", "CAD", "CHF", "CNY" , "CNH", "SEK", "MXN", "NZD", "SGD", "HKD", "NOK", "KRW" , "TRY", "INR", "RUB", "BRL", "ZAR", "DKK", "PLN", "TWD" , "THB", "MYR", "HUF", "CZK", "ILS", "SAR", "CLP", "IDR" , "COP", "PHP", "RON", "PEN", "XAG", "XAU", "XPD", "XPT" , "AED", "BHD", "HRK", "ISK", "KWD", "OMR", "RSD", "EGP" ]

Rates

All rates are stored as density per unit of USD, including the USD. Absolutely no concession will be made to the ``traditional" ordering of the currency pairs, apart from the fact that the rate update mechanism will parse it correctly when appropriately labeled. Rates are a global property, no one can have their own rate.

Show Rates

  • http method/path : GET : [root]/rates/all
  • reply : Replies with JSON dictionary lists the current set of exchange rates. The denominator is always USD.

Update Rates

  • http method/path : PUT : [root]/rates/update

  • arguments : JSON dictionary of currency to rate. 2 possible forms: "CCY/USD", & "USD/CCY".

  • arg constraints : Rates must be between 10-4 and 104, and must be within a factor of 2 from the previous rate.

  • arg example : Disregarding rounding errors, the following argument sets are equivalent:

{ "EUR/USD": 1.03, "JPY/USD": 0.0086, "AUD/USD": 0.75 }

{ "USD/EUR": 0.97, "USD/JPY": 116.27, "USD/AUD": 1.33 }

  • reply : Accept/Reject on entire set of changes. Either everything gets applied or nothing.

Trader IPs

Traders can only connect from whitelisted Trader IPs. Trader IP entries consist of 3 fields: origip, natip, and an optional string label. Whenever a TCP connection is refused, whether on account of Trader IP or Venue IP/Port, the Trader IP is added to a list of blocked Trader IPs

Show Whitelisted Trader IPs

  • http method/path : GET : [root]/trader_ips/all
  • reply : Replies with JSON array that lists all whitelisted trader ip entries.

Show Blocked Trader IPs

  • http method/path : GET : [root]/trader_ips/bad
  • reply : Replies with JSON array that lists all blocked trader ip addresses.

Show Whitelisted Trader IPs by Label

  • http method/path : GET : [root]/trader_ips/[[search_term]]
  • reply : Replies with JSON array that lists all whitelisted trader ip entries whose label matches the search term via c

Add Trader IP

  • http method/path : POST : [root]/trader_ips/new
  • arg example : { "orig_addr":"1.2.3.4", "nat_addr":"5.6.7.8", "label" : "invisible hand" }
  • If "nat_addr" is omitted, it is assumed that it is equivalent to "orig_addr".

Relabel A Trader

  • http method/path : PUT : [root]/trader_ip/[trader_ip]/relabel
  • arg example : { "label" : "quantitative easer" }

Remove Trader IP

  • http method/path : DEL : [root]/trader_ip/[trader_ip]/del
  • [traderip] example_ : "1.2.3.4"

Show Sessions related to a Trader IP

  • http method/path : GET : [root]/trader_ip/[trader_ip]/get
  • [traderip] example_ : "1.2.3.4"
  • reply : Replies with JSON object containing trader ip and related sessions.

Venue IPs

Traders can only connect to whitelisted Venue IP/Port pairs. A venue entry consists of: originalip/port, nattedip/port, exchange_code, and a boolean on whether it is a monitored endpoint. Whenever a TCP connection is refused, whether on account of Trader IP or Venue IP/Port, the Venue IP/Port is added to a list of blocked Venue IP/Ports.

Show Whitelisted Venue IPs

  • http method/path : GET : [root]/venue_ips/all
  • reply : Replies with JSON array that lists all whitelisted venue entries.

Show Blocked Venue IPs

  • http method/path : GET : [root]/venue_ips/bad
  • reply : Replies with JSON array that lists all blocked venue ip/port.

Show Checked Venue IPs

  • http method/path : GET : [root]/venue_ips/checked
  • reply : Replies with JSON array that lists all whitelisted venue entries that are checked.

Show Unchecked Venue IPs

  • http method/path : GET : [root]/venue_ips/unchecked
  • reply : Replies with JSON array that lists all whitelisted venue entries that are unchecked.

Show Venue IPs by ExchangeCode

  • http method/path : GET : [root]/venue_ips/[exchange_code]
  • reply : Replies with JSON array that lists all whitelisted venue entries related to an ExchangeCode.

Add Venue IP

  • http method/path : POST : [root]/venue_ips/new
  • arg example :
{ "orig_addr":"1.2.3.4", "nat_addr":"5.6.7.8"
, "orig_port":3000, "nat_port":4000
, "exchange_code" : "FIX_Currenex", "checked" : true
}
  • If "nat_addr" or "natport" is omitted, it is assumed that it is equivalent to `"origaddr"or"orig_

Remove Venue IP

  • http method/path : DEL : [root]/venue_ip/[venue_ip]/[venue_port]/del
  • [venue_ip] example "1.2.3.4"
  • [venue_port] example 3000

Show Sessions related to a Venue IP

  • http method/path : GET : [root]/venue_ip/[venue_ip]/[venue_port]/get
  • [venue_ip] example "1.2.3.4"
  • [venue_port] example : 3000
  • reply : Replies with JSON object containing venue ip/port and related sessions.

Special Routes

Some venues dictate trader ip. This is handled by the `special routes' table. Given an original trader ip and translated venue ip/port, a special route entry provides a custom translated trader ip. The special route system is on an escape hatch for the address translation and not a part of the whitelist system, so both endpoints (trader & venue) still need to be separately whitelisted.

Show All Special Routes

  • http method/path : GET : [root]/special_routes/all
  • reply : Replies with JSON array that lists all special route entries.


Add Special Route

  • http method/path : POST : [root]/special_routes/new
  • arg example :
{ "orig_trader_addr" : "1.2.3.4"
, "nat_trader_addr" : "5.6.7.8"
, "nat_venue_addr" : "10.20.30.40"
, "nat_venue_port" : 1234
}
  • "orig_trader_addr""nat_venue_addr", and "nat_venue_port" constitutes the key
  • "nat_trader_addr" constitutes the value

Remove Special Route

  • http method/path : DEL : [root]/special_route/[orig_trader_addr]/[nat_venue_addr]/[nat_venue_port]/del
  • [origtraderaddr] example : "1.2.3.4"
  • [natvenueaddr] example : "5.6.7.8"
  • [natvenueport] example : 1234

Sessions

A credential uniquely determined by the ordered quadruple : (TraderAddr, TraderPort, VenueAddr, VenuePort). Upon logon confirmation from the venue, a session will either be bound to a credential (if found and permitted to connect) or terminated.

Show All Sessions

  • http method/path : GET : [root]/sessions/all
  • reply : Replies with JSON array that lists all live sessions.

Show Recently Terminated Sessions

  • http method/path : GET : [root]/sessions/terminated
  • reply : Replies with JSON array that lists all recently terminated sessions.

Show Sessions by IP

  • http method/path : GET : [root]/sessions/[ip]
  • reply : Replies with JSON array that lists all live sessions related to the provided ip address. It matches both both original and nat addresses. It matches both both trader and venue addresses.
  • [ip] example : "1.2.3.4"

Show Sessions by Search Term

  • http method/path : GET : [root]/sessions/[search_term]
  • reply : Replies with JSON array that lists all live sessions where the search term is a case-invariant substring of any of the follow trader label, ExchangeCode, SessionTypeCode, CompID, SubID, UserName.

Credentials

A credential uniquely determined by the ordered triple : (ExchangeCode, CompID, SubID). Credentials participate in a many-to-many relationship with user groups. Credential type must be one of: {TAKER, MAKER, PASS_TKR, PASS_MKR, COPY, DATA}

Credential double-login is an optional feature (empty string disables feature) where the trader is given an alternate password to be used aga upon validation, is overwritten into the real password required by the venue. The two passwords are required to have the same length. 

Account overloading is another optional feature where orders and executions could be routed to different users based on certain fields sent over the wire, usually Account[1].

Show All Credentials

  • http method/path : GET : [root]/credentials/all
  • reply : Replies with JSON array that lists all credentials.

Show Credentials by ExchangeCode

  • http method/path : GET : [root]/credentials/[exchange_code]}
  • reply : Replies with JSON array that lists all credentials related to an ExchangeCode.
  • [exchangecode]_ : See subsection on exchange codes.

Show Credentials by SessionTypeCode

  • http method/path : GET : [root]/credentials/[session_type_code]
  • reply : Replies with JSON array that lists all credentials related to an SessionTypeCode.
  • legal [sessiontypecode] values : TAKER, MAKER, DATA.

Show Enabled Credentials

  • http method/path : GET : [root]/credentials/ENABLED
  • reply : Replies with JSON array that lists all credentials that are enabled.

Show Disabled Credentials

  • http method/path : GET : [root]/credentials/DISABLED
  • reply : Replies with JSON array that lists all credentials that are disabled.

Show Active Credentials

  • http method/path : GET : [root]/credentials/active
  • reply : Replies with JSON array that lists all credentials that are linked to at least one active session.

Show Overloaded Credentials

  • http method/path : GET : [root]/credentials/overloaded
  • reply : Replies with JSON array that lists all credentials that have at least one overloaded account.

Show Credentials by Group

  • http method/path : GET : [root]/credentials/[group_name]
  • reply : Replies with JSON array that lists all credentials that are under a group.
  • [groupname]_ : See subsection on groups.

Create Credential

  • http method/path : POST : [root]/credentials/new
  • arg example :
{ "venue" : "FIX_Currenex"
, "comp_id" : "LV-426"
, "sub_id" : "Nostromo"
, "user" : "Ash"
, "type" : "TAKER"
, "enabled" : true
, "zebra_pass" : "crew"
, "venue_pass" : "food"
}



Enable Credential

  • http method/path : PUT : [root]/credential/enable
  • arg example : { "venue" : "FIX_Currenex", "comp_id" : "LV-426", "sub_id" : "Nostromo" }

Disable Credential

  • http method/path : PUT : [root]/credential/disable
  • arg example : { "venue" : "FIX_Currenex", "comp_id" : "LV-426", "sub_id" : "Nostromo" }

Change Credential Password

  • http method/path : PUT : [root]/credential/change_pass
  • arg example :
{ "venue" : "FIX_Currenex"
, "comp_id" : "LV-426"
, "sub_id" : "Nostromo"
, "zebra_pass" : "spaceship"
, "venue_pass" : "xenomorph"
}


Groups

A group represent a pool of risk. Within a group, the actualized outlays of the fills combined with the unactualized outlays of live orders form a Position". Additionally, every group has a set of risk parameters, known asLimits", to which the position is subject.

The set of groups organize themselves into trees, giving rise to 2 kinds of nodes: aggregate group & user group. An aggregate group can only contain other groups, and its position reflects the sum of the positions of its children. An user group does not contain other groups, but contains credentials, and its position reflects the sum of the positions of the credentials.

Every group has a integer visibility value, which dictates how far up the chain can the node be visible for.

Positions are stored as an array (indexed by currency) of ordered triples of (Buying, Selling, Filled).

Next, we have trading modes: (NORMAL, DEESCALATION, LOCKED, UNPLUGGED).\ The modes are controlled by 3 flags: (ESCALATION, TRADEABLE, ENABLED).\ When all flags are set, NORMAL mode entails.

There are many types of limits. The first is the primary limit, which must be one of (DownSide, UpSide, Exposure, Displacement), and is used to determine whether an order action increases risk. There are fat-finger checks, such as the submission rate limit, the single limit, and the pending limit. And finally, we have single currency trading permissions and exposure limits.

Show All Groups

  • http method/path : GET : [root]/groups/all
  • reply : Replies with JSON array of group tree hierarchies. Ignores visibility and shows all attributes of groups sans currency component details. Shows all details (sans passwords) of credentials as children of user groups.

Show All Group Names

  • http method/path : GET : [root]/groups/all_names
  • reply : Replies with JSON array of group tree hierarchies. Ignores visibility and shows only identifying attributes of groups & credentials.

Show All Group Limits

  • http method/path : GET : [root]/groups/all_limits
  • reply : Replies with JSON array of group tree hierarchies. Ignores visibility and shows limit information & identifying attributes of groups.

Show All Group Positions

  • http method/path : GET : [root]/groups/all_positions
  • reply : Replies with JSON array of group tree hierarchies. Ignores visibility and shows position information (sans currency components) & identifying attributes of groups.

Retrieve Selected Groups

  • http method/path : GET : [root]/groups/selected?[groups]
  • [groups] argument : A semicolon-colon list of group names.
  • reply : Replies with JSON array of group tree hierarchies, with the specified root nodes.

Create Group

  • http method/path : POST : [root]/groups/new
  • arg example :
{ "type" : "USER"
, "name" : "Ash"
, "visibility" : 127
, "parent_name" : "Weyland-Yutani"
, "throttle" : 5
, "single" : 10000000
, "pending" : 10000000
, "limit_type" : "DOWNSIDE"
, "position" : 30000000
, "flags" :
    { "ENABLED" : true
    , "TRADEABLE" : true
    , "ESCALATION" : true
    , "THROTTLE": true
    , "SINGLE" : true
    , "POSITION" : true
    , "PENDING" : true
    , "DMS" : false
    }
}


Retrieve a Group

  • http method/path : GET : [root]/group/[group]/get
  • reply : Replies with JSON object representing all attributes of the group sans currency component details.

Retrieve a Limit

  • http method/path : GET : [root]/group/[group]/get_limit
  • reply : Replies with JSON object representing the limit information of the group.

Retrieve a Position

  • http method/path : GET : [root]/group/[group]/get_position
  • reply : Replies with JSON object representing the position information of the group, sans currency components.

Retrieve a Component Position

  • http method/path : GET : [root]/group/[group]/get_component
  • reply : Replies with JSON object representing the currency-component position information of the group.

Retrieve a Daily Component Position

  • http method/path : GET : [root]/group/[group]/get_daily_component
  • reply : Replies with JSON object representing the currency-component position information of the group, per settlement date.

Retrieve a Nested Group Hierarchy

  • http method/path : GET : [root]/group/[group]/get_nested
  • reply : Replies with JSON object representing a group+credential tree hierarchy headed by the targeted group and obeying visibility r

Retrieve a Nested Group Name Hierarchy

  • http method/path : GET : [root]/group/[group]/get_nested_names
  • reply : Replies with JSON object representing a group+credential name tree hierarchy headed by the targeted group and obeying visibil

Rename Group

  • http method/path : PUT : [root]/group/[group]/rename
  • arg example : { "new_name" : "Bishop" }

Re-Tag Group

  • http method/path : PUT : [root]/group/[group]/retag
  • arg example : { "new_tag" : "android" }

Move Group

  • http method/path : PUT : [root]/group/[group]/move
  • arg example : { "parent_name" : "Union-Aerospace", "visibility" : 1 }
  • arg [parent_name] : name of parent, required, use empty string to denote using group as head node
  • arg [visibility] : visible distance, required

Heartbeat

  • http method/path : PUT : [root]/group/[group]/heartbeat
  • equivalent to update_limit| with these flags set to true:ENABLED, TRADEABLE, ESCALATION, DMS`.

Update Limit

  • http method/path : PUT : [root]/group/[group]/update_limit
  • arg example (when an argument is missing, it takes the previous value) :
{ "throttle" : 5
, "single" : 10000000
, "pending" : 10000000
, "limit_type" : "EXPOSURE"
, "credit" : 30000000
, "leverage" : 1
, "flags" :
    { "ENABLED" : false
    , "TRADEABLE" : false
    , "ESCALATION" : false
    , "THROTTLE": false
    , "SINGLE" : false
    , "POSITION" : false
    , "PENDING" : false
    , "DMS" : false
    }
}


Update Currency Limits

  • http method/path : PUT : [root]/group/[group]/update_currency_limit
  • note : When turned on, these currency limits (expressed in native units) serve double duty as permission and limit. To have a limit is to have permission, and vice versa. Unlike "updatelimit", every "updatecurrency_limit" is assumed to contain the contain the full set of currency permission
  • arg example :
{ "currency_control": true
, "ccy_limit_denomination": "NATIVE"
, "USD": 10000000
, "EUR": 10000000
, "GBP": 10000000
, "JPY": 1000000000
}

Update Currency Volatility

  • http method/path : PUT : [root]/group/[group]/update_currency_volatility
  • arg example :
{ "USD": 1
, "EUR": 5
, "GBP": 2
, "JPY": 0.5
}

Update Currency Properties

  • http method/path : PUT : [root]/group/[group]/update_currency_properties
  • note : Combines update_currency_limit & update_currency_volatility into one single atomic call.
  • arg example :
{ "limits":
    { "currency_control": true
    , "ccy_limit_denomination": "RESERVE"
    , "USD": 10000000
    , "EUR": 10000000
    , "GBP": 10000000
    , "JPY": 10000000
    }
, "volatilities":
    { "USD": 1
    , "EUR": 5
    , "GBP": 2
    , "JPY": 0.5
    }
}

Update Currency Baskets

  • http method/path : PUT : [root]/group/[group]/update_currency_basket
  • note : When turned on, currencies within the specified set of currency baskets are subject to the exposure limit in dollars set by t currencies outside of all baskets are not allowed to trade. Every "updatecurrencybasket" is assumed to contain the contain the full set of currency baskets.
  • arg example :
{ "currency_basket_control": true
, "ccy_baskets":
    [ { "name": "G10", "range": "[ USD EUR JPY GBP CHF AUD NZD CAD SEK NOK ]", "limit": 1000000000 }
    , { "name": "Emergent.Markets", "range": "[ BRL RUB INR CNY CNH ]", "limit": 1000000000 }
    ]
}


Ledger

The order/position adjustment mechanism is not meant to be called directly. The only thing that should interface with it should be the database synchronization procedure.

Retrieve Ledger State

  • http method/path : GET : [root]/ledger/get
  • reply : Replies with JSON object representing a ledger state.

Ledger Bind

  • http method/path : PUT : [root]/ledger/bind
  • arg example : { "db_target" : "postgres0.mf" }

Ledger Rollover

  • http method/path : PUT : [root]/ledger/roll
  • arg example : { "name" : "Hudson", "counter" : 1, "date" : "2017-01-15" }

Ledger Diff

  • http method/path : PUT : [root]/ledger/diff
  • arg example :
{ "name" : "Hudson"
, "counter" : 1
, "date" : "2017-01-15"
, "venue": "FIX_Currenex"
, "comp_id" : "LV-426"
, "sub_id" : "Nostromo"
, "account": ""
, "USD" : 45000000
, "JPY" : -600000000
, "AUD" : -3000000
, "EUR" : 8000000
, "GBP" : -12000000
, "observed_execs" : [ ]
}


Ledger External Diff

  • http method/path : PUT : [root]/ledger/external
  • Just like diff, but tracked separately and with a more relaxed consistency requirement.

Show Trade Date & Settlement Dates

  • http method/path : GET : [root]/ledger/dates
  • reply : Replies with JSON object representing the current trade date and spot settlement dates.
  • No labels

© 2025 MarketFactory, Inc. All rights reserved.