API Reference

The Point REST API allows you to programmatically access and manage your investment data. This reference covers authentication, endpoints, request/response formats, and error handling.

API Access

API access requires a dedicated API client to be configured by your administrator. Contact support@pointgroup.io to request API access.

Base URL

https://[your-org].pointgroup.io/api/v1

Authentication

Point's API uses OAuth 2.0 Client Credentials flow.

Getting an Access Token

POST https://[your-org].pointgroup.io/auth/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id=YOUR_CLIENT_ID
&client_secret=YOUR_CLIENT_SECRET
&scope=api.read

Response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "api.read"
}

Using the Token

Include the token in the Authorization header of every API request:

GET /api/v1/portfolios
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...

Tokens expire after 1 hour. Request a new token before it expires.

---

Portfolios

List Portfolios

GET /api/v1/portfolios

Query Parameters:

Parameter	Type	Description
status	string	Filter by status: active, inactive, archived
clientId	string	Filter by client ID
currency	string	Filter by base currency (ISO 4217)
page	integer	Page number (default: 1)
pageSize	integer	Results per page (default: 50, max: 200)

Response:

{
  "data": [
    {
      "id": "port_abc123",
      "name": "Smith Family Office GBP",
      "code": "SFO-GBP-001",
      "clientId": "client_xyz789",
      "baseCurrency": "GBP",
      "type": "composite",
      "status": "active",
      "totalValue": 12500000.0,
      "latestValuationDate": "2026-02-17",
      "createdAt": "2024-01-15T09:00:00Z",
      "updatedAt": "2026-02-17T18:30:00Z"
    }
  ],
  "pagination": {
    "page": 1,
    "pageSize": 50,
    "totalItems": 127,
    "totalPages": 3
  }
}

Get Portfolio

GET /api/v1/portfolios/{portfolioId}

Get Portfolio Holdings

GET /api/v1/portfolios/{portfolioId}/holdings

Query Parameters:

Parameter	Type	Description
date	string	Valuation date (ISO 8601, default: latest)
lookThrough	boolean	Apply fund look-throughs (default: false)

---

Securities

List Securities

GET /api/v1/securities

Get Security

GET /api/v1/securities/{securityId}

Get Security Prices

GET /api/v1/securities/{securityId}/prices

Query Parameters:

Parameter	Type	Description
from	string	Start date (ISO 8601)
to	string	End date (ISO 8601)
type	string	Price type: close, mid, bid, ask, nav

---

Transactions

List Transactions

GET /api/v1/transactions

Query Parameters:

Parameter	Type	Description
portfolioId	string	Filter by portfolio
securityId	string	Filter by security
from	string	Start date
to	string	End date
type	string	Transaction type
status	string	pending, settled, failed, cancelled

---

Rate Limits

Tier	Requests per Minute	Requests per Day
Standard	60	10,000
Premium	300	100,000

Rate limit headers are included in every response:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1708272000

---

Error Codes

HTTP Status	Error Code	Description
400	INVALID_REQUEST	Request is malformed or missing required fields
401	UNAUTHORIZED	Missing or invalid access token
403	FORBIDDEN	Valid token but insufficient permissions
404	NOT_FOUND	The requested resource does not exist
409	CONFLICT	Resource already exists (e.g., duplicate code)
422	VALIDATION_ERROR	Request data failed validation
429	RATE_LIMIT_EXCEEDED	Too many requests
500	INTERNAL_ERROR	Unexpected server error
503	SERVICE_UNAVAILABLE	Platform is temporarily unavailable

Error Response Format:

{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "The 'baseCurrency' field is required.",
    "details": [
      {
        "field": "baseCurrency",
        "message": "This field is required."
      }
    ],
    "requestId": "req_abc123xyz"
  }
}

Include the requestId when contacting support about an error.