Skip to main content
Pre-release — contact your Fortary account team for access.
The Fortary API gives your organization programmatic, read-only access to its custody data — vaults, balances, transactions, addresses, and the networks and assets Fortary supports. This guide takes you from zero to your first authenticated request. The API is a dedicated, versioned customer surface served at https://customer-api.fortary.io. Every path starts with a version segment (/v1), responses use stable identifiers and consistent pagination, and errors follow one predictable shape.

Getting access

The customer API is being rolled out to organizations individually during pre-release. There’s no public sandbox or self-service signup, and your organization may not have access yet. To find out whether it’s available for your organization and to get set up:
1

Contact your Fortary account team

Ask about customer API access for your organization.
2

A user with the Developer role creates a credential

Once your organization is set up, a user with the Developer role on the relevant vaults creates an API key from the Fortary portal — see the Authentication guide.
Credentials authenticate against your organization’s real custody data. Scope each key to only the vaults it needs, and prefer a key with a narrow vault allowlist while you are testing an integration.

Making a request

Once you have a key (it looks like fkc_...), send it as a bearer token in the Authorization header. This call lists the vaults the credential can access: 
curl https://customer-api.fortary.io/v1/vaults \
  -H "Authorization: Bearer fkc_..."
A successful response is a paginated list: 
{
  "data": [
    {
      "id": "vault_3f8a2c1d9b",
      "label": "Treasury — Operating",
      "networks": ["Ethereum", "Bitcoin"],
      "createdAt": "2026-01-14T09:32:07Z"
    }
  ],
  "pagination": {
    "limit": 100,
    "nextCursor": null
  }
}
Take a vault.id from that list and fetch its balances: 
curl https://customer-api.fortary.io/v1/vaults/vault_3f8a2c1d9b/balances \
  -H "Authorization: Bearer fkc_..."
  • Authentication — create a key, send the token, manage expiry and IP allowlists, revoke and rotate.
  • Authorization — how access is decided, and what 401/403/404 mean.
  • Pagination — how to page through list endpoints with nextCursor.
  • Errors — the error envelope and how to handle failures.
  • Identifiers & data formats — how vaults, networks, assets, amounts, and timestamps are represented.