{"id":22603598,"url":"https://github.com/qluxzz/avanza","last_synced_at":"2026-02-07T12:02:23.968Z","repository":{"id":35269607,"uuid":"217144833","full_name":"Qluxzz/avanza","owner":"Qluxzz","description":"A Python library for the unofficial Avanza API","archived":false,"fork":false,"pushed_at":"2025-11-11T12:42:07.000Z","size":256,"stargazers_count":130,"open_issues_count":30,"forks_count":53,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-11-11T14:24:02.172Z","etag":null,"topics":["avanza","banking","finance","personal-finance","python"],"latest_commit_sha":null,"homepage":"https://qluxzz.github.io/avanza/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Qluxzz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-10-23T20:12:15.000Z","updated_at":"2025-11-11T12:27:52.000Z","dependencies_parsed_at":"2024-05-05T22:22:39.172Z","dependency_job_id":"7d61079b-e26c-47f2-9f6c-64afbc5fc124","html_url":"https://github.com/Qluxzz/avanza","commit_stats":{"total_commits":92,"total_committers":14,"mean_commits":6.571428571428571,"dds":0.25,"last_synced_commit":"c9b0934e27d1b1b0f5adcabf437fcb83ff768d12"},"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"purl":"pkg:github/Qluxzz/avanza","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Qluxzz%2Favanza","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Qluxzz%2Favanza/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Qluxzz%2Favanza/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Qluxzz%2Favanza/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Qluxzz","download_url":"https://codeload.github.com/Qluxzz/avanza/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Qluxzz%2Favanza/sbom","scorecard":{"id":115728,"data":{"date":"2025-08-11","repo":{"name":"github.com/Qluxzz/avanza","commit":"ad36022e335e688c66b9b3bc670c863aeafda932"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.1,"checks":[{"name":"Code-Review","score":3,"reason":"Found 10/30 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":2,"reason":"3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: topLevel 'contents' permission set to 'read': .github/workflows/docs.yml:11","Warn: no topLevel permission defined: .github/workflows/python-publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/Qluxzz/avanza/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/Qluxzz/avanza/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/Qluxzz/avanza/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/Qluxzz/avanza/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/Qluxzz/avanza/python-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/Qluxzz/avanza/python-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-publish.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/Qluxzz/avanza/python-publish.yml/master?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/docs.yml:23","Warn: pipCommand not pinned by hash: .github/workflows/docs.yml:24","Warn: pipCommand not pinned by hash: .github/workflows/python-publish.yml:27","Warn: pipCommand not pinned by hash: .github/workflows/python-publish.yml:28","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of   4 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/python-publish.yml:12"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-16T01:13:58.972Z","repository_id":35269607,"created_at":"2025-08-16T01:13:58.972Z","updated_at":"2025-08-16T01:13:58.972Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29194007,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-07T07:37:03.739Z","status":"ssl_error","status_checked_at":"2026-02-07T07:37:03.029Z","response_time":63,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["avanza","banking","finance","personal-finance","python"],"created_at":"2024-12-08T13:07:03.895Z","updated_at":"2026-02-07T12:02:23.962Z","avatar_url":"https://github.com/Qluxzz.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Avanza\n\nA Python library for the unofficial Avanza API. This library is based on the existing JavaScript library [Avanza](https://github.com/fhqvst/avanza).\n\nPlease note that this is only a proof of concept, hence not meant to be used by anyone.\n\nIt might also be valuable to note that I am not affiliated with Avanza Bank AB in any way. The underlying API can be taken down or changed without warning at any point in time.\n\n## Installation\n\n[![](https://img.shields.io/pypi/v/avanza-api?style=flat-square\u0026logo=pypi \"Shiprock, New Mexico by Beau Rogers\")](https://pypi.org/project/avanza-api/)\n\n```python\npip install avanza-api\n```\n\n## Getting a TOTP Secret\n\n**NOTE: Since May 2018 two-factor authentication is required to log in.**\n\nHere are the steps to get your TOTP Secret:\n\n1. Go to Profil \u003e Inställningar \u003e Sajtinställningar \u003e Inloggning och utloggning \u003e Användarnamn \u003e Tvåfaktorsinloggning and click \"Återaktivera\". (_Only do this step if you have already set up two-factor auth._)\n1. Click \"Aktivera\" on the next screen.\n1. Select \"Annan app för tvåfaktorsinloggning\".\n1. Click \"Kan du inte scanna QR-koden?\" to reveal your TOTP Secret.\n1. Generate the TOTP code using the python code below and paste the TOTP code in the field below where you found the TOTP Secret.\n1. Done! From now on all you have to do is supply your secret in the constructor as in the examples below.\n\n#### Generate TOTP code:\n\n```Python\nimport hashlib\nimport pyotp\ntotp = pyotp.TOTP('MY_TOTP_SECRET', digest=hashlib.sha1)\nprint(totp.now())\n```\n\n## Example\n\nAuthenticate and fetch account overview:\n\n```python\nfrom avanza import Avanza\navanza = Avanza({\n    'username': 'MY_USERNAME',\n    'password': 'MY_PASSWORD',\n    'totpSecret': 'MY_TOTP_SECRET'\n})\n\noverview = avanza.get_overview()\n```\n\nGet info about a certain account\n\n```python\nfrom avanza import Avanza, TimePeriod\n\navanza = Avanza({\n    'username': 'MY_USERNAME',\n    'password': 'MY_PASSWORD',\n    'totpSecret': 'MY_TOTP_SECRET'\n})\n\nreport = avanza.get_insights_report(\n    account_id='XXXXXXX',\n    time_period=TimePeriod.ONE_WEEK\n)\n```\n\nPlace an order\n\n```python\nfrom avanza import Avanza, OrderType\n\navanza = Avanza({\n    'username': 'MY_USERNAME',\n    'password': 'MY_PASSWORD',\n    'totpSecret': 'MY_TOTP_SECRET'\n})\n\nresult = avanza.place_order(\n    account_id='XXXXXXX',\n    order_book_id='XXXXXX',\n    order_type=OrderType.BUY,\n    price=13.37,\n    valid_until=date.fromisoformat('2011-11-11'),\n    volume=42\n)\n```\n\n## Testing\n\nTests are stored in [/tests](https://github.com/Qluxzz/avanza/tree/master/tests)\n\nThe tests are using [Pydanctic](https://github.com/pydantic/pydantic) models which are used to validate that the response model is what's expected\n\nThere are tests that call all available GET endpoints and validates that the response model of these endpoints are correct and that the endpoint still exists\n\nTo run the tests you first need to create a `.env` file and have the following keys in it:\n\n```\nUSERNAME=\nPASSWORD=\nTOTP_SECRET=\nACCOUNT_ID=\nPRICE_ALERT_ORDER_BOOK_ID=\n```\n\nThen you can do one of the following:\n\n- To run all tests: `python -m unittest`.\n- To run a single test, such as `test_overview`: `python3 -m unittest tests.test_endpoints.ReturnModelTest.test_overview`.\n\n## Extending/updating the API\n\nSuppose we want to add a new method `get_foo_bar` to the API defined by `avanza.py` along with a test that both\n\n- shows that the request sent by our new method yields a successful response from the server, and\n- starts failing whenever Avanza makes breaking changes (attribute removal or data type changes) to their API.\n\nThe steps are then roughly these:\n\n1. Add the method to `avanza.py`, making it call a URI using a route that you add to `constants.py`.\n1. Add a simple test to `tests/test_endpoints.py` which calls the method using the `get_or_cache`\n   wrapper function (but does not yet validate the JSON response received).\n1. Run the test (see `Testing` above). As part of running the test, the said wrapper function will generate the file `get_foo_bar.json`.\n1. Generate Pydantic models corresponding to the JSON response using the tool `datamodel-code-generator`:\n   1. Install the tool into your virtual environment using `pip install datamodel-code-generator`.\n   1. Run\n      ```\n      datamodel-codegen --class-name=FooBar --enable-version-header --target-python-version=3.9 \\\n        --input get_foo_bar.json --input-file-type=json \\\n        --output avanza/models/foo_bar.py --output-model-type=pydantic_v2.BaseModel\n      ```\n      to generate a tree of models corresponding to the JSON response to the module\n      `avanza/models/foo_bar.py`. Note: The `--target-python-version` should match whatever\n      version `REQUIRES_PYTHON` in `setup.py` indicates.\n   1. Add the necessary import to `avanza/models/__init__.py`.\n1. Update the test to validate the JSON response against the newly created model by adding the\n   appropriate `model_validate` call. This way, the test will fail if Avanza updates their API (by default,\n   attribute removals and data type changes will cause a test failure, but not addition of new attributes).\n\n## License\n\nMIT license. See the LICENSE file for details.\n\n## Responsibilities\n\nThe author of this software is not responsible for any indirect damages (foreseeable or unforeseeable), such as, if necessary, loss or alteration of or fraudulent access to data, accidental transmission of viruses or of any other harmful element, loss of profits or opportunities, the cost of replacement goods and services or the attitude and behavior of a third party.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqluxzz%2Favanza","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fqluxzz%2Favanza","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqluxzz%2Favanza/lists"}