Welcome to the Ownera Router API reference.
The Router APIs are the interface for interacting with the Ownera orchestration layer. They provide a unified way for institutions, platforms, and developers to build SuperApps - applications that orchestrate transactions, custody, payments, and distribution across the global digital assets ecosystem.
API Categories
The Router exposes three categories of APIs:
Application APIs
For SuperApp developers building business applications.
| API | Protocol | Purpose | When to Use |
|---|---|---|---|
| Transactional API | REST (/finapi/*) | Actions that change state | Create profiles, submit intents, execute trades, manage certificates |
| Query API | GraphQL (/oss/query) | Read state and relationships | Query assets, positions, portfolios, execution plan status, events |
Operational APIs
For platform operators and administrators managing Router infrastructure.
| API | Purpose | Examples |
|---|---|---|
| Policy Management | Configure trading and compliance policies | Get/set trading policies, validation rules |
| Workflow Management | Manage execution plans and workflows | Cancel workflows, reset stuck executions |
| Data Operations | Import and reconcile external data | Import external transactions, sync balances |
| Configuration | Router and organization setup | Organization settings, routing rules |
Adapter APIs
For infrastructure teams connecting the Router to ledgers and custody systems.
The Router communicates with underlying ledgers and custody providers through adapter interfaces. Each adapter type supports two integration patterns:
| Pattern | Direction | Description | When to Use |
|---|---|---|---|
| Push API | Router → Adapter | Router calls the adapter directly via REST | When your adapter can expose an HTTP endpoint that the Router can reach |
| Proxy (Pull) API | Adapter → Router | Adapter polls the Router for pending commands and submits responses | When your adapter cannot expose an endpoint (firewall, network constraints) or prefers to pull work |
Ledger Adapters - Connect the Router to blockchains, tokenization platforms, and traditional ledgers for asset operations (issuance, transfers, holds, settlements).
Custody Adapters - Connect the Router to key management and custody solutions for account creation, signing operations, and execution plan approvals.
All API categories share the same authentication model.
What You Can Do
With these APIs, your SuperApp can:
Identity & Profiles
- Create and manage investor (owner) profiles
- Link investors to custody services and obtain FinIDs
- Attach compliance certificates (KYC/AML, accreditation)
- Share profiles across organizations for multi-party workflows
Assets & Intents
- Create and configure asset profiles
- Define intents (primary sale, secondary trading, transfers, financing)
- Enable/disable intent types per asset
Execution & Orchestration
- Execute against open intents (investments, trades, transfers)
- Track execution plan status through completion
- Cancel or reset in-flight executions
Positions & Portfolios
- Query investor positions and balances
- Monitor portfolio state across assets and custodians
- Sync balances with underlying ledgers
Messaging & Documents
- Send messages between organizations
- Attach and retrieve documents on certificates
Quick Reference: Common Flows
Onboard an Investor
POST /profiles/owner → Create investor profile
POST /profiles/owner/{id}/account → Link to custody (async)
POST /profiles/{id}/certificates → Add KYC/AML certificates
POST /profiles/{id}/share → Share with counterpartiesExecute a Primary Sale Investment
GraphQL: Query assets & active intents
POST /tokens/execute → Execute against intent
GraphQL: Poll execution plan statusTransfer Positions
POST /profiles/asset/intent/transfer → Create transfer intent
POST /profiles/asset/intent/transfer/execute → Execute transferAuthentication
All API requests require JWT bearer token authentication.
- Tokens are signed with your RSA private key
- Each token is single-use (new token per request)
- Tokens expire after 30 seconds
→ See Authorization for full details
Resource ID Format
All resources use a globally unique identifier format:
<organization>:<resource-type>:<uuid>| Type Code | Resource |
|---|---|
| 101 | Owner/Investor profile |
| 102 | Asset profile |
| 105 | Intent |
| 106 | Execution Plan |
Example: your-org:101:edc5c2cc-6688-457a-a0f6-1e7aea28d144
Next Steps
Understand the Concepts
- Introduction to the Orchestration Layer - what you're building on
- Core Concepts: Router & Primitives - identities, intents, and orchestration
Dive into the APIs
- Transactional API Endpoints - full endpoint reference
- GraphQL Schema - query reference (if available)