The Router APIs are the interface for interacting with the Ownera orchestration layer. They provide a unified way for institutions, platforms, and developers to build SuperApps - applications that orchestrate transactions, custody, payments, and distribution across the global digital assets ecosystem.

API Categories

The Router exposes three categories of APIs:

Application APIs

For SuperApp developers building business applications.

API	Protocol	Purpose	When to Use
Transactional API	REST (`/finapi/*`)	Actions that change state	Create profiles, submit intents, execute trades, manage certificates
Query API	GraphQL (`/oss/query`)	Read state and relationships	Query assets, positions, portfolios, execution plan status, events

Operational APIs

For platform operators and administrators managing Router infrastructure.

API	Purpose	Examples
Policy Management	Configure trading and compliance policies	Get/set trading policies, validation rules
Workflow Management	Manage execution plans and workflows	Cancel workflows, reset stuck executions
Data Operations	Import and reconcile external data	Import external transactions, sync balances
Configuration	Router and organization setup	Organization settings, routing rules

Adapter APIs

For infrastructure teams connecting the Router to ledgers and custody systems.

The Router communicates with underlying ledgers and custody providers through adapter interfaces. Each adapter type supports two integration patterns:

Pattern	Direction	Description	When to Use
Push API	Router → Adapter	Router calls the adapter directly via REST	When your adapter can expose an HTTP endpoint that the Router can reach
Proxy (Pull) API	Adapter → Router	Adapter polls the Router for pending commands and submits responses	When your adapter cannot expose an endpoint (firewall, network constraints) or prefers to pull work

Ledger Adapters - Connect the Router to blockchains, tokenization platforms, and traditional ledgers for asset operations (issuance, transfers, holds, settlements).

Custody Adapters - Connect the Router to key management and custody solutions for account creation, signing operations, and execution plan approvals.

All API categories share the same authentication model.

What You Can Do

With these APIs, your SuperApp can:

Identity & Profiles

Create and manage investor (owner) profiles
Link investors to custody services and obtain FinIDs
Attach compliance certificates (KYC/AML, accreditation)
Share profiles across organizations for multi-party workflows

Assets & Intents

Create and configure asset profiles
Define intents (primary sale, secondary trading, transfers, financing)
Enable/disable intent types per asset

Execution & Orchestration

Execute against open intents (investments, trades, transfers)
Track execution plan status through completion
Cancel or reset in-flight executions

Positions & Portfolios

Query investor positions and balances
Monitor portfolio state across assets and custodians
Sync balances with underlying ledgers

Messaging & Documents

Send messages between organizations
Attach and retrieve documents on certificates

Quick Reference: Common Flows

Onboard an Investor

POST /profiles/owner          → Create investor profile
POST /profiles/owner/{id}/account  → Link to custody (async)
POST /profiles/{id}/certificates   → Add KYC/AML certificates  
POST /profiles/{id}/share          → Share with counterparties

Execute a Primary Sale Investment

GraphQL: Query assets & active intents
POST /tokens/execute          → Execute against intent
GraphQL: Poll execution plan status

Transfer Positions

POST /profiles/asset/intent/transfer           → Create transfer intent
POST /profiles/asset/intent/transfer/execute   → Execute transfer

Authentication

All API requests require JWT bearer token authentication.

Tokens are signed with your RSA private key
Each token is single-use (new token per request)
Tokens expire after 30 seconds

→ See Authorization for full details

Resource ID Format

All resources use a globally unique identifier format:

<organization>:<resource-type>:<uuid>

Type Code	Resource
101	Owner/Investor profile
102	Asset profile
105	Intent
106	Execution Plan

Example: your-org:101:edc5c2cc-6688-457a-a0f6-1e7aea28d144

Next Steps

Understand the Concepts

Introduction to the Orchestration Layer - what you're building on
Core Concepts: Router & Primitives - identities, intents, and orchestration

Dive into the APIs

Transactional API Endpoints - full endpoint reference
GraphQL Schema - query reference (if available)