How Barfinex Works
Building with the API — single gateway
Use the Barfinex Provider as the single entry point for REST and WebSocket. One origin, one token, no need to expose Advisor, Inspector, or Detector directly.
Recommendation: route everything through the Provider
Use the Provider as your only API gateway. The Provider already aggregates data (accounts, orders, candles, connectors, detectors, inspectors) and streams events over WebSocket. Proxying Advisor, Inspector, and Detector through the Provider gives you:
- Single entry point — One origin, one base URL
- Single authentication — One API token (Bearer or x-api-token)
- Simpler CORS — No need to expose ports 8008, 8009, 8101 to the browser
- Single WebSocket — All real-time events already flow through Provider
/ws
How it works
| Source | Port | Role |
|---|---|---|
| Provider | 8080/8081 | Data, orders, candles, connectors, app registry, WebSocket |
| Advisor | 8009 | LLM, recommendations, news, financial data — via Provider proxy |
| Inspector | 8008 | Risk options, risk dashboard, audit — via Provider proxy |
| Detector | 8101 | Detector selection, metrics, plugins, close position — via Provider proxy |
The Provider proxies requests to Advisor, Inspector, and Detector by appKey. Targets come from the Provider App Registry and are considered active when heartbeat is recent. You always call the same Provider base URL and use paths like /api/advisors/:appKey/..., /api/inspectors/:appKey/..., /api/detectors/:appKey/....
Proxy paths (quick reference)
| Proxy | Method | Provider path | Downstream service |
|---|---|---|---|
| Advisor | ALL | /advisors/:appKey/* | Advisor API |
| Inspector | ALL | /inspectors/:appKey/* | Inspector API |
| Detector | ALL | /detectors/:appKey/* | Detector API |
| Targets | GET | /proxy/targets | List of proxy targets |
Examples:
GET /api/inspectors/inspector/inspector/risk/dashboardGET /api/advisors/advisor/advisor-agent/healthPOST /api/detectors/detector/risk/close-position
Your front-end uses a single base URL (e.g. http://localhost:8080/api for REST and http://localhost:8080 for WebSocket with path /ws). No direct calls to Advisor, Inspector, or Detector URLs from the browser.
What stays on the Provider only
- WebSocket — Centralized at Provider
/ws; events from Advisor, Inspector, and Detector reach the bus and are forwarded to clients by the Provider bridge. - REST data — Accounts, orders, candles, connectors, app registry — only the Provider serves these.
- Proxy — All calls to Advisor, Inspector, and Detector go through the Provider.
Summary
| Question | Answer |
|---|---|
| Should the front-end call Advisor/Inspector/Detector directly? | No; use the Provider proxy. |
| Is the Provider the central piece? | Yes; it aggregates data and WebSocket. |
| What to do in your app? | Use one Provider origin and the routes /advisors/:appKey/*, /inspectors/:appKey/*, /detectors/:appKey/*. |
For full endpoint lists, see Provider API reference, Detector API, Inspector API, and Advisor API.