GET
/
collections
List collections.
curl --request GET \
  --url https://sandbox.api.openfx.com/v1/collections \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Signature: <api-key>' \
  --header 'X-Timestamp: <api-key>'
{
  "items": [
    {
      "id": "col_01953e1a5f4b7c00",
      "customerId": "cus_01953e1a5f4b7000",
      "destinationAccountId": "acc_01953e1a5f4b7002",
      "counterpartyId": "cpt_01953e1a5f4b7004",
      "paymentMethodId": "pm_01953e1a5f4b7300",
      "rail": "ach",
      "amount": {
        "currency": "USD",
        "amount": "2500.00"
      },
      "direction": "inbound",
      "status": "completed",
      "cancellationState": "not_cancelable",
      "totalCreditAmount": {
        "currency": "USD",
        "amount": "2495.00"
      },
      "reference": "INVOICE-2026-001",
      "createdAt": "2026-02-25T10:00:00Z",
      "updatedAt": "2026-02-25T10:05:00Z",
      "submittedAt": "2026-02-25T10:00:01Z",
      "completedAt": "2026-02-25T10:05:00Z"
    }
  ],
  "pagination": {
    "hasMore": true,
    "nextCursor": "<string>"
  }
}

Authorizations

Authorization
string
header
required

API key issued at onboarding. Passed as a Bearer token in the Authorization header: Authorization: Bearer <api-key>. Identifies the caller and determines organization scope. Invalid or revoked keys return 401 with error type authentication_error.

X-Signature
string
header
required

Ed25519 or RSA-SHA256 asymmetric signature over the request payload (ADR-0015). Provides request integrity and non-repudiation. The signature covers the HTTP method, path, query string, request body, and timestamp. Invalid signatures return 401 with error type authentication_error.

X-Timestamp
string
header
required

Unix timestamp (seconds) of when the request was signed. Server rejects requests where the timestamp drifts beyond +/-60 seconds from server time to prevent replay attacks. Must match the timestamp used in the signature computation.

Query Parameters

limit
integer
default:50

Maximum number of items to return. Default 50, max 200.

Required range: 1 <= x <= 200
starting_after
string

Cursor for forward pagination. Return items created after the item with this ID. Mutually exclusive with ending_before.

ending_before
string

Cursor for backward pagination. Return items created before the item with this ID. Mutually exclusive with starting_after.

createdAt[gte]
string<date-time>

Filter items created at or after this timestamp.

Example:

"2026-01-01T00:00:00Z"

createdAt[lte]
string<date-time>

Filter items created at or before this timestamp.

Example:

"2026-12-31T23:59:59Z"

status
enum<string>

Collection lifecycle status. ACH debits have a 60-day return window even after reaching completed.

Available options:
pending,
requires_action,
submitted,
processing,
completed,
returned,
failed,
canceled
customerId
string

Customer resource identifier.

Pattern: ^cus_[A-Za-z0-9]+$
Example:

"cus_01953e1a5f4b7000"

Response

Collection list.

items
object[]
required
pagination
object
required

Cursor-based pagination metadata. Returned on all list endpoints.