Use our API

Swan is an API-first company, therefore all our features are accessible through a GraphQL API. This lets you integrate our banking services into your product.

Authenticate using OAuth

The GraphQL API requires a Project access token to make authenticated requests. To get an access token you need access to your administration Dashboard. Go to API where you will find your Client ID and Client Secret. Then follow the OAuth project access token tutorial to obtain an access token.
Beware that your credentials are different between the sandbox and live environments.


Swan is proud of providing its partners with the highest quality technology, that's why our API is based on GraphQL. Unlike REST API, just one endpoint is used for each request, but JSON is still used for sending and receiving data.
You can access the API using our API Explorer, curl, or any HTTP client. We even provide you with examples for the Postman app.

Use the API Explorer

We highly recommend using Swan's API Explorer to discover what it's like to use our services using the GraphQL API.
Overview of the API Explorer interface
Using the API Explorer allows you to bypass the OAuth process. As long as you are connected to the Dashboard, we handle authentication for you. In the top left-hand corner, you can choose which authentication you want to use, calling the API either as a project or as a sandbox user. By default, we create a sandbox user when you gain access to the dashboard.
We also provide the API documentation in this tool. You can find references for each mutation or variable in the panel on the right.

Use curl

You can also test our API through curl or any other http client. The following example is a query to get the ids and IBAN of all the accounts in your project. Replace {{YOUR_ACCESS_TOKEN}} with the access token you obtained during authentication and you are good to go.
curl -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer {{YOUR_ACCESS_TOKEN}}' \
-d '{"query":"query MyQuery{ accounts { edges { node { id IBAN } } } }"}'
"data": {
"accounts": {
"edges": [
"node": {
"id": "{{YOUR_ID}}",

Rate limiting

We impose rate limits on our endpoints to protect our API.
The default limit for each IP is 2,000 requests every 5 minutes. If you send over 2,000 HTTP requests for a single IP, you'll receive a 429 error code (too many requests). This limit applies to all API endpoints: OAuth2, live, and sandbox.
If you need to increase the rate limits for your use case, send us an email at [email protected].

Next steps

Now that you have all the technical input needed to use the API you are ready to follow the next tutorial: Create new accounts
Or, get a more in-depth view of GraphQL or OAuth2.