Depending on applicable regulations or business limitations, specific API requests may not be available for your use.


The Folio REST API enables investment and related firms contracted with Folio to create unique applications using our powerful brokerage functionality. Organized around REST, it has predictable resource-oriented URLs, accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.


We offer numerous API calls to enable investment and related firms to access nearly all of the functions that can be performed directly on the Folio Client and Folio Institutional websites. We continue to add improved documentation in support of each function, as well as new API calls and end points based on both user feedback and ongoing system enhancements.

Note that Folio’s API is not intended for use by individual investors wishing to create their own trading solutions; rather, it is a powerful development tool for advanced technical users familiar with REST and JSON technologies. We do not provide HTML or other code samples for using the API.


We follow common REST API design principles as follows:

  • Each call is stateless. Requests do not carry state information with them.
  • Standard HTTP verbs are used: GET is used to retrieve an object, POST is used to create a new object and PUT is used to update an existing object.
  • HTTP response codes are used to inform the client of the status of requests. For example, if the client tries to GET an object that does not exist, the response will have a status code of 403. If the client successfully creates an object, the status code will be 201.
  • Objects are transmitted in the HTTP bodies using JSON notation.

Initial Setup

To access the Folio REST API endpoints in our production environment you will need to complete the following steps. Additional information will be provided by a Folio representative when applicable:

  1. Complete API Security Questionnaire for UAT Access. This will need to be reviewed and approved by a Folio representative.
  2. Signed contract with Folio Institutional for our services. Note that we will perform background checks and other due diligence reviews on you and your firm as part of this process.
  3. Pass a detailed review by Folio of the sections on your site and / or application which will use the Folio name and/or functions. This will include a compliance review as well as verification of successful API calls for each API endpoint.
  4. Update API Security Questionnaire for Production Access and Complete Vulnerability Scans / Pentest. This will need to be reviewed and approved by a Folio representative.

Technical Environment Information

For information about our services and contact information for Folio Representatives, visit the Folio Institutional site at and select the service area in which you are interested.

For technical questions about this API contact us at

Getting Started