Skip to main content

Sessions

Sessions are a central concept at brokerize. To understand the system, it is important to distinguish between brokerize sessions and broker sessions.

brokerize Session

The brokerize session identifies the end user to the brokerize platform. Every API request occurs in the context of such a user. brokerize distinguishes between two types:

  1. Guest Sessions (Anonymous): A guest account is ephemeral; all data is deleted once the session ends or expires. In most cases, guest sessions are deleted overnight.
  2. Registered Users: These users have a permanent account with brokerize. Their data (such as portfolios and histories) remains stored permanently, and they can log in at any time with their credentials.

Important: From a technical perspective, guest sessions are full-fledged sessions. All features available to a registered user can also be used by a guest user (e.g., connecting real brokers, trading). The main difference lies only in the persistence of the data within brokerize.

account diagram

Broker Session

A broker session is created when a user connects to a specific broker within their brokerize session.

Most brokers enable authentication via the OAuth protocol. You are securely redirected to your bank's website or app and return to brokerize after authorization. Details about this standard can be found at oauth.net.

  • Authentication: Authentication always takes place directly with the broker. brokerize never stores your broker credentials (username/password). We only store the tokens or session IDs issued by the broker after a successful login.
  • Lifecycle: These broker sessions are usually limited in time. They end when the user logs out (LogoutSession) or the broker ends the session due to inactivity (timeout).
  • State: An active broker session makes a portfolio "Online". Without an active session, the portfolio remains visible in the system "Offline" (with the last known state).

Data Synchronization (Sync Process)

As soon as an active broker session exists, brokerize starts a background process to synchronize the data:

  1. Regular Retrieval: brokerize periodically requests orders, positions, and account balances (CashAccount) from the broker.
  2. Storage in the brokerize DB: The retrieved data is cached in the brokerize database.
  3. API Requests against the DB: When your application retrieves data such as the portfolio (GetPortfolios, GetPortfolioPositions), these requests are served against our database, not directly against the broker.
sessions diagram

Advantages of this approach:

  • Speed: API responses are extremely fast as no live request to the broker has to be waited for.
  • Availability: The user can view their portfolio even if they are not currently actively logged in to the broker (last known state) or if the broker is temporarily unavailable.
  • Reduced Load: We optimize the number of requests to the broker interfaces.

Session Status & Online Sessions

A portfolio in brokerize can have two states:

  • Online: There is an active session to the broker. Data can be updated and orders can be placed.
  • Offline: The session has expired or has been ended. The last state of the data is still visible in the brokerize DB, but for actions (such as trading), the user must log in again.