Skip to content

Finix API Reference (2022-02-01)

The Finix API is resource oriented, relying heavily on common REST principles. Our API uses JSON encoded requests and responses.

You will receive separate Sandbox and Live accounts, as well as corresponding API credentials to access the Finix API.

Authentication

To communicate with the Finix API, you must authenticate your requests via HTTP Basic Authentication with a username:password combination, which you can get from your Finix Dashboard. If you do not have a Dashboard yet, you can test our APIs with the Sandbox credentials below.

ParameterValue
Sandbox UsernameUSsRhsHYZGBPnQw8CByJyEQW
Sandbox Password8a14c2f9-d94b-4c72-8f5c-a62908e5b30e
Request Format
curl "https://finix.sandbox-payments-api.com/" \
    -H "Content-Type: application/json" \
    -H "Finix-Version: 2022-02-01" \
    -u USsRhsHYZGBPnQw8CByJyEQW:8a14c2f9-d94b-4c72-8f5c-a62908e5b30e

Environments

Finix provides two environments with distinct base URLs to make API requests.

  1. A Sandbox environment for developing and testing your integration.
  2. A Live environment for processing payments.

These environments are entirely separate and do not share API Credentials.

EnvironmentEndpoint URL
Sandboxhttps://finix.sandbox-payments-api.com
Livehttps://finix.live-payments-api.com
Live Access

To get access to the Live environment, please reach out to your Finix point-of-contact.

HTTP Codes and Errors

Finix uses HTTP codes to communicate whether requests succeeded or failed. Requests to Finix's API return responses within less than one second.

However, communications between card networks and processors can increase response latency. Additionally, response latency for card-present devices can be higher depending on how quickly buyers complete the transaction on payment terminals.

Due of this, requests to the Finix API have a maximum timeout of 5 minutes.

For more details, see Error Codes. Also, you can test for specific errors and responses.

Code Definition Explanation
400Bad RequestWe could not parse your request. Verify you are providing valid JSON.
401UnauthorizedWe could not authenticate your request. Verify your username and password are correct.
402Upstream Processor ErrorErrors caused by 3rd-party service(s).
403ForbiddenYour credentials do not have the correct permissions to perform the request.
404Not FoundWe could not find the specified resource.
405Method Not AllowedThe specified resource does not support the HTTP Method used to submit the request.
406Not AcceptableThe server could accept the submitted request. Confirm how the request was formatted and submitted.
409ConflictThe submitted request conflicts with the current state of the server.
422Unprocessable EntityThe parameters were valid, but the request failed. Usually, the error involves misunderstanding of how to perform the request (e.g., creating a transfer with a seller that is not-yet-approved).
500Internal Server ErrorWe had a problem with our server. Try again later.

Idempotent Requests

The Authorization and Transfer resources both have an idempotency_id field. Use this field to ensure the API Request is performed only once.

Why is this important? We've all experienced a checkout page that hangs on a request or payment, and feared that if we refresh or submit the payment again, we'd be charged twice.

Finix removes this ambiguity with the idempotency_id. You or the user can generate a unique ID that can be included as an idempotency_id with the usual request payload. If anyone attempts a request with the same idempotency_id, the response will raise an exception.

By passing an idempotency_id in the body of your requests, you can be rest assured that when you create an Authorization or Transfer, the user will be protected from potential network issues.

idempotency_id is available on the following three endpoints:

  • /transfers
  • /authorizations
  • /transfers/{id}/reversals
`idempotency_id` scope

idempotency_id checks against previous requests made on the same endpoint.

Query Parameters

Every Finix resource (e.g., Authorizations, Transfers) can be listed and reviewed using GET requests. Additionally, every endpoint has query parameters available to help you filter the resources that are returned.

See the following example of how to query the Transfers endpoint for Transfer resources with type: DEBIT.

Query Parameter Example
curl "https://finix.sandbox-payments-api.com/transfers?type=DEBIT" \
    -H "Finix-Version: 2022-02-01" \
    -u USsRhsHYZGBPnQw8CByJyEQW:8a14c2f9-d94b-4c72-8f5c-a62908e5b30e

Tags

Many Finix resources (e.g., Authorization, Transfer) let you include tags to add key-value metadata to your Finix API resources. For example, when creating a Transfer, you might include customerId: Customer123 to tag the Transfer with your internal customer ID. You can update tags as many times as needed, as well as filter resources by tags.

Tags Example
{
    ...,
    "tags": {
        "card-type": "business card",
        "order_number": "H-1257",
        "customer_order_reference": "order1234",
        "item_type": "hardware",
        "vendor": "finix"
    }
}

The tags object accepts up to 50 key: value pairs to annotate resources with custom metadata.

  • Maximum character length for individual keys is 40.
  • Maximum character length for individual values is 500.
Special Characters

Finix does not allow special characters on tags (e.g., \, ,, ", ')

Versioning

As Finix improves our products and features, we will make changes to our APIs. When breaking changes are made to Finix's API, we may release a new dated API version.

The API version your requests use controls how API responses and webhooks behave (for example, the values you see in responses and the parameters you can include in requests). For more information, see Versioning.


Postman Collection

Finix has a Postman collection to help in your development. You can fork it using the button below.

Run In Postman

Overview
URL
https://finix.com
Finix
support@finix.com
Languages
Servers
Sandbox server
https://finix.sandbox-payments-api.com/
Production server
https://finix.live-payments-api.com/

Authorizations

An Authorization (also known as a card hold) reserves a specific amount on a card to be captured (i.e. debited) at a later date, usually within seven days. When an Authorization is captured it produces a Transfer resource.

Related Guides:

Operations

Compliance Forms

To process payments, your Merchants must validate their compliance with PCI DSS requirements annually. To do this, your Merchants must attest to PCI Self-Assessment Questionnaire (SAQ) compliance forms.

Related Guides:

Operations

Devices

A Device resource represents a Point-of-Sale terminal. Devices are used for In-Person transactions.

Related Guides:

Operations

Disputes

Disputes, also known as chargebacks, are customer-disputed charges. A core part of the dispute lifecycle is the ability for a Merchant to upload evidence supporting their side.

Related Guides:

Operations

Fees

A Fee is a charge levied against a Merchant. It represents how a platform charges its sellers for all various types of Fees. Payment transactions generate Fee resources.

Operations

Fee Profiles

A fee_profiles represents a pricing scheme that automatically applies fees to each transaction. Changes to fee_profiles go into effect immediately.

Related Guides:

Operations

Files

Use Finix's File API to upload and manage files for your merchants.

Related Guides:

Operations

Identities

An Identity resource represents either a person or business in Finix. You'll create an Identity to onboard your sellers, and verify the different owners.

Related Guides:

Operations

Merchants

A Merchant resource represents the entity's merchant account on a processor. Your Merchant must be APPROVED to process payments.

Related Guides:

Operations

Onboarding Forms

Finix offers and hosts pre-built onboarding forms that you can use to collect onboarding and identity verification information from your users.

Related Guides:

Operations

Payment Instruments

A Payment Instrument resource represents the payment details of a credit card or bank account. Payment details get tokenized multiple times and each tokenization produces a unique Payment Instrument.

A Payment Instrument is associated with a single Identity. Once a Payment Instrument is created, the Identity it's associated with can't be changed.

Including an address when creating a Payment Instrument can lower interchange on credit card transactions.

Related Guides:

Operations

Payment Instrument Associations

In Finix, Payment Instruments are tied to the owner of that account. For example, Payment Instruments tied to buyer will be the cards used for purchases while Payment Instruments tied to a Merchant are the bank accounts where they receive settlements.

Therefore when billing events occur that are tied to a buyer's Payment Instrument (e.g. enrolling in account updater, using Plaid for tokenization, etc) Finix cannot automatically map those fees to a specific Merchant. By default, these costs are instead charged to your Application (e.g. the Platform, Marketplace, Vertical Saas owner's account) and will be deducted from your residual. If you wish to monetize these offerings or pass the fees on to your Merchant you must explicitly link the buyers Payment Instrument to a Merchant resource using the Payment Instrument Association

Operations

Create a Payment Instrument Association

Request

Create a Payment Instrument Association to associate a Payment Instrument with a Merchant for fee assignment purposes.

Security
BasicAuth
Headers
Finix-Versionstring

Specify the API version of your request. For more details, see Versioning.

Default 2022-02-01
Example: 2022-02-01
Content-Typestring

The data type being sent in the request body must be application/json.

Example: application/json
Bodyapplication/jsonrequired
merchant_idstringrequired

The ID of the Merchant that fees will be applied to.

Example: "MUcgYZswyRfqSSbvMsxuaHxZ"
payment_instrument_idstringrequired

The ID of the Payment Instrument whose events will be charged to the specified merchant.

Example: "PIcgYZswyRfqSSbvMsxuaHxZ"
tagsobject or null

Include up to 50 key: value pairs to annotate requests with custom metadata.

  • Maximum character length for individual keys is 40.
  • Maximum character length for individual values is 500. (For example, order_number: 25, item_type: produce, department: sales)
curl -i -X POST \
  -u USfdccsr1Z5iVbXDyYt7hjZZ:313636f3-fac2-45a7-bff7-a334b93e7bda \
  https://finix.sandbox-payments-api.com/payment_instrument_associations \
  -H 'Content-Type: application/json' \
  -H 'Finix-Version: 2022-02-01' \
  -d '{
    "merchant_id": "MUcgYZswyRfqSSbvMsxuaHxZ",
    "payment_instrument_id": "PIcgYZswyRfqSSbvMsxuaHxZ"
  }'

Responses

A single Payment Instrument Association

Headers
datestring

A response header indicating the date and time of the API request.

Example: "Tue, 08 Jul 2025 17:38:01 GMT"
finix-apiuser-rolestring

This response header indicating the role of the user who sent the API request.

Enum"ROLE_PLATFORM""ROLE_PARTNER""ROLE_MERCHANT"
Example: "ROLE_PARTNER"
x-request-idstring

This response header provides a unique identifier for the API request.

Example: "055972f6534f92a896fbb61b11313ebb"
Bodyapplication/json
idstring

The ID of the Payment Instrument Association.

Example: "instrument_association_9xZ6pUo5fXb7aAB4o3TqkK"
created_atstring(date-time)

Timestamp of when the object was created.

updated_atstring(date-time)

Timestamp of when the object was last updated.

application_idstring

The ID of the Application the resource was created under.

Example: "APxxx"
enabledboolean

Indicates whether this current Payment Instrument Association is enabled.

instrument_idstring

The ID of the Payment Instrument whose events will be charged to the specified merchant.

Example: "PIcgYZswyRfqSSbvMsxuaHxZ"
merchant_idstring

The ID of the Merchant that fees will be applied to.

Example: "MUcgYZswyRfqSSbvMsxuaHxZ"
tagsobject or null

Include up to 50 key: value pairs to annotate requests with custom metadata.

  • Maximum character length for individual keys is 40.
  • Maximum character length for individual values is 500. (For example, order_number: 25, item_type: produce, department: sales)
_linksobject
Response
application/json
{
  "id": "payment_instrument_association_iCfFgdmmVF3koH1gqxmgdV",
  "created_at": "2026-03-26T01:31:42.33Z",
  "updated_at": "2026-03-26T01:31:42.33Z",
  "application_id": "APc9vhYcPsRuTSpKD9KpMtPe",
  "enabled": true,
  "merchant_id": "MUcgYZswyRfqSSbvMsxuaHxZ",
  "payment_instrument_id": "PIdw4YZhGVryETJXjiXVXCWH",
  "tags": {},
  "_links": {
    "self": {}
  }
}

List Payment Instrument Associations

Request

Retrieve a list of Payment Instrument Association resources.

Security
BasicAuth
Query
after_cursorstring

Return every resource created after the cursor value.

before_cursorstring

Return every resource created before the cursor value.

limitinteger

The numbers of items to return.

Example: limit=10
merchant_idstring

Filter by Merchant ID.

Example: merchant_id=MUeDVrf2ahuKc9Eg5TeZugvs
payment_instrument_idstring

Filter by Payment Instrument ID.

Example: payment_instrument_id=PIcgYZswyRfqSSbvMsxuaHxZ
application_idstring

Filter by Application ID.

Example: application_id=APc9vhYcPsRuTSpKD9KpMtPe
Headers
Finix-Versionstring

Specify the API version of your request. For more details, see Versioning.

Default 2022-02-01
Example: 2022-02-01
curl "https://finix.sandbox-payments-api.com/payment_instrument_associations" \
-H "Content-Type: application/json" \
-H "Finix-Version: 2022-02-01" \
-u USfdccsr1Z5iVbXDyYt7hjZZ:313636f3-fac2-45a7-bff7-a334b93e7bda

Responses

List of Instrument Association resources

Headers
datestring

A response header indicating the date and time of the API request.

Example: "Tue, 08 Jul 2025 17:38:01 GMT"
finix-apiuser-rolestring

This response header indicating the role of the user who sent the API request.

Enum"ROLE_PLATFORM""ROLE_PARTNER""ROLE_MERCHANT"
Example: "ROLE_PARTNER"
x-request-idstring

This response header provides a unique identifier for the API request.

Example: "055972f6534f92a896fbb61b11313ebb"
Bodyapplication/json
pageobject

Details the page that's returned.

_embeddedobject
_linksobject
Response
application/json
{
  "_embedded": {
    "payment_instrument_associations": []
  },
  "_links": {
    "self": {},
    "next": {}
  },
  "page": {
    "limit": 100,
    "next_cursor": "payment_instrument_association_iCfFgdmmVF3koH1gqxmgdV"
  }
}

Fetch a Payment Instrument Association

Request

Retrieve the details of an existing Payment Instrument Association.

Security
BasicAuth
Path
payment_instrument_association_idstringrequired

The Payment Instrument Fee Association ID.

Example: payment_instrument_association_63r1sMopQ1xwfzyQuTTRSd
Headers
Finix-Versionstring

Specify the API version of your request. For more details, see Versioning.

Default 2022-02-01
Example: 2022-02-01
curl "https://finix.sandbox-payments-api.com/payment_instrument_associations/payment_instrument_association_iCfFgdmmVF3koH1gqxmgdV" \
-H "Content-Type: application/json" \
-H "Finix-Version: 2022-02-01" \
-u USfdccsr1Z5iVbXDyYt7hjZZ:313636f3-fac2-45a7-bff7-a334b93e7bda

Responses

A single Payment Instrument Association

Headers
datestring

A response header indicating the date and time of the API request.

Example: "Tue, 08 Jul 2025 17:38:01 GMT"
finix-apiuser-rolestring

This response header indicating the role of the user who sent the API request.

Enum"ROLE_PLATFORM""ROLE_PARTNER""ROLE_MERCHANT"
Example: "ROLE_PARTNER"
x-request-idstring

This response header provides a unique identifier for the API request.

Example: "055972f6534f92a896fbb61b11313ebb"
Bodyapplication/json
idstring

The ID of the Payment Instrument Association.

Example: "instrument_association_9xZ6pUo5fXb7aAB4o3TqkK"
created_atstring(date-time)

Timestamp of when the object was created.

updated_atstring(date-time)

Timestamp of when the object was last updated.

application_idstring

The ID of the Application the resource was created under.

Example: "APxxx"
enabledboolean

Indicates whether this current Payment Instrument Association is enabled.

instrument_idstring

The ID of the Payment Instrument whose events will be charged to the specified merchant.

Example: "PIcgYZswyRfqSSbvMsxuaHxZ"
merchant_idstring

The ID of the Merchant that fees will be applied to.

Example: "MUcgYZswyRfqSSbvMsxuaHxZ"
tagsobject or null

Include up to 50 key: value pairs to annotate requests with custom metadata.

  • Maximum character length for individual keys is 40.
  • Maximum character length for individual values is 500. (For example, order_number: 25, item_type: produce, department: sales)
_linksobject
Response
application/json
{
  "id": "payment_instrument_association_iCfFgdmmVF3koH1gqxmgdV",
  "created_at": "2026-03-26T01:31:42.33Z",
  "updated_at": "2026-03-26T01:31:42.33Z",
  "application_id": "APc9vhYcPsRuTSpKD9KpMtPe",
  "enabled": true,
  "merchant_id": "MUcgYZswyRfqSSbvMsxuaHxZ",
  "payment_instrument_id": "PIdw4YZhGVryETJXjiXVXCWH",
  "tags": {},
  "_links": {
    "self": {}
  }
}

Settlements

A Settlement represents a collection (i.e. batch) of Settlement Entries that will get paid out to a specific Merchant. A Settlement Entry can represent a Transfer, custom Fee, or Split Transfer.

Related Guides:

Operations

Settlement Queue Entries

A Settlement Queue Entry resource represents an entry in the settlement queue used to track when and how a transfer is queued to be processed.

If a merchant's settlement_queue_mode is set to MANUAL, all transfers will have a Settlement Queue Entry created and will not be placed into settlement until the Settlement Queue Entry is explicitly released.

Related Guides:

Operations

Split Transfers

Transactions can be split among different merchants. A Split Transfer shows how funds from a split Transfer were distributed into a merchant's Settlement.

Related Guides:

Operations

Transfers

A Transfer represents any flow of funds either to or from a Payment Instrument. All payments in Finix are represented by a Transfer.

Related Guides:

Operations

Users

A User resource represents a pair of API keys which are used to perform authenticated requests against the Finix API. When making authenticated requests via HTTP basic access authentication the ID of a User resource maps to the username, while the password corresponds to the password (i.e. secret key).

The password field for a User resource is only returned during the initial creation. Any following GET requests to the resource returns the password field as null for security purposes.

Related Guides:

Operations

Webhooks

Webhooks let you set up integrations that subscribe to automated notifications (events) on the Finix API. When an event is triggered, an HTTP POST payload is sent to the webhook's configured URL.

Related Guides:

Operations

Checkout Forms

Checkout Forms are a low-code solution that enables you to create a customizable payment page where buyers can easily enter their payment details and submit a payment on both desktop and mobile devices.

With Checkout Forms, you can quickly create checkout pages and accept payments from buyers with minimal development work.

Related Guides:

Operations

Gateway Integrations

A Gateway Integration represents a connection to a third-party payment gateway. At this time, the only supported gateway is Cybersource.

Cybersource is a Visa-owned payment gateway that integrates with Finix to provide secure payment processing and fraud management. Finix handles merchant onboarding and payouts through a unified API, while Cybersource manages gateway routing and fraud prevention for global card acceptance.

Operations

Receipts

The Receipt resource generates a receipt for Transfers or Authorizations. You can then send the Receipt via Email, SMS, or use the information from the Receipt to send it yourself.

Related Guides:

Operations

Subscriptions

A Subscription resource represents a recurring charge to a Payment Instrument at regular intervals. Subscribers can be buyers, customers, or merchants.

Subscriptions are supported for USA and Canadian merchants.

When creating a Subscription, you have the option to use a Subscription Plan.

Limitations:

  • Supported countries: Subscriptions are available in the United States and Canada.
  • Supported payment methods: Subscriptions currently support recurring card payments and recurring bank account payments (ACH in the USA).
  • Approved merchants: At this time, only approved merchants with one of the following processors can create subscriptions: DUMMY_V1 and FINIX_V1.

Related Guides:

Operations

Subscription Plans

A Subscription Plan resource is a template with set recurring costs and frequencies that can be reused across multiple Subscription resources.

Related Guides:

Operations

Transfer Attempts

When a user attempts to make a payment using a Checkout Form or Payment Link, or a recipient submitting details with a Payout Link—a Transfer Attempt is created.

Using transfer attempts, you can track the lifecycle of a payment or a series of payments if you are using a multi-use Payment Link.

Checkout Forms and Payment Links support authorizations. If a payment made with them is an authorization, the Transfer Attempt result shows is_authorization: true and references the authorization (authorization_id).

Each Transfer Attempt has as reference to a transfer_id to allow you to query it for additional data.

Related Guides:

Operations

Balances

A Balance resource represents the current financial state of an Application identified by the linked_to query parameter.

It tracks the state of funds processed through the system, including amounts that are:

  • available_amount for immediate use or disbursement.
  • pending_amount due to processing times, holds, or other constraints.
  • posted_amount, which reflects the total sum (including both available and pending funds).
Operations

Balance Adjustments

A Balance Adjustment modifies the account Balance by adding funds (a 'top-up') or reducing funds for Payouts. Each adjustment is linked to a specific payment rail (e.g., ACH, card, wire).

Related Guides:

Operations

Disbursement Rules

For the Payouts product, when a payout is executed, such as a Push-To-Card or ACH transaction, Finix checks the transaction against velocity rules and balance rules.

Rules establish limits on transactions. For example, there may be a daily transaction limit of 100 transactions (count_limit) or a monthly volume limit of $100,000 (volume_limit). If a transaction exceeds any defined limit, the transaction is rejected.

Rules are set for entities involved in transactions, including the application, senders, and recipients.

The "Application" represents the customer to whom Finix is applying the rules. Application rules are set solely by Finix and are applied to every single transaction.

You can establish rules for "senders" and "recipients," referring to the parties involved in transactions:

  • In the case of a PULL_FROM_CARD or PULL_FROM_ACH transaction, sender rules are applied (either card or ACH rules). The "target" of the pull is referred to as the "sender," specifically the customer of Finix's client.
  • Conversely, in the case of a PUSH_FROM_CARD or PUSH_FROM_ACH transaction, the recipient rules are applied (either card or ACH rules). The "target" of the push is referred to as the "recipient," which is, in turn, the customer of Finix's client.
Operations

Application Profiles

The Application Profile resource is used to configure the application's Fee Profile and Risk Profile.

Related Guides:

Operations

Applications

The Application resource represents your app. For example, an iOS app, website, online marketplace, SaaS platform, etc. – any web service that connects buyers (i.e. customers) and sellers (i.e. merchants). In other words, an Application is a resource that represents the program you're integrating with Finix and using to connect with customers (i.e. buyers).

Related Guides:

Operations

Balance Transfers

Our Balance Transfers API provides platforms the option to create a money movement between their FBO (For the Benefit Of) Settlement account and their operating account. This is only available for Finix Core customers with LITLE_V1 credentials.

If you have any questions, please reach out to your Finix point of contact or contact the Finix Support team.

Operations

Merchant Profiles

A Merchant Profile connects a Merchant to its profiles, including a Fee Profile, a Payout Profile, and a Risk Profile.

Every Merchant has exactly one Merchant Profile. When a Merchant is created, a Merchant Profile is automatically generated and seeded with the profiles defined on the Application Profile. You can then update the Merchant Profile to assign a different Fee Profile or Risk Profile, overriding the application-level defaults for that specific Merchant.

Related Guides:

Operations

Payout Profiles

A Payout Profile configures how fees and payouts get calculated and processed.

Related Guides:

Operations

Review Queue Items

Funds are released to sub-merchants when a Settlement's corresponding Review Queue Item is marked as ACCEPTED by a user with the appropriate role permissions.

Related Guides:

Operations

Verifications

Verifications are used to verify Identities and Payment Instruments.

For Identities, a verification represents an attempt to onboard and underwrite an identity.

For Payment Instruments, a verification represents getting additional information from the card brands to verify a card is eligible for push to card.

Related Guides:

Operations