GET
/
customers
/
{customerId}
Get customer.
curl --request GET \
  --url https://sandbox.api.openfx.com/v1/customers/{customerId} \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Signature: <api-key>' \
  --header 'X-Timestamp: <api-key>'
{
  "id": "cus_01953e1a5f4b7000",
  "entityId": "ent_01953e1a5f4b7100",
  "type": "business",
  "status": "active",
  "kybStatus": "approved",
  "capabilities": [
    "accounts",
    "payments",
    "fx",
    "crypto"
  ],
  "metadata": {},
  "createdAt": "2026-02-23T12:00:00Z",
  "updatedAt": "2026-02-23T13:00:00Z"
}

Authorizations

Authorization
string
header
required

API key issued at onboarding. Passed as a Bearer token in the Authorization header: Authorization: Bearer <api-key>. Identifies the caller and determines organization scope. Invalid or revoked keys return 401 with error type authentication_error.

X-Signature
string
header
required

Ed25519 or RSA-SHA256 asymmetric signature over the request payload (ADR-0015). Provides request integrity and non-repudiation. The signature covers the HTTP method, path, query string, request body, and timestamp. Invalid signatures return 401 with error type authentication_error.

X-Timestamp
string
header
required

Unix timestamp (seconds) of when the request was signed. Server rejects requests where the timestamp drifts beyond +/-60 seconds from server time to prevent replay attacks. Must match the timestamp used in the signature computation.

Path Parameters

customerId
string
required

Unique identifier of the customer (cus_ prefix). Customer resource identifier.

Pattern: ^cus_[A-Za-z0-9]+$
Example:

"cus_01953e1a5f4b7000"

Response

Customer details.

Wraps an entity with program context and compliance status. A customer must reach active status before accounts can be opened. Supports progressive onboarding via the submit action.

id
string
required

Customer resource identifier.

Pattern: ^cus_[A-Za-z0-9]+$
Example:

"cus_01953e1a5f4b7000"

entityId
string
required

Entity resource identifier.

Pattern: ^ent_[A-Za-z0-9]+$
Example:

"ent_01953e1a5f4b7100"

type
enum<string>
required

Derived from the underlying entity type.

Available options:
individual,
business
status
enum<string>
required

Lifecycle status of a customer. Progresses from draft through review to active. Terminal states: rejected, closed.

Available options:
draft,
submitted,
under_review,
active,
rejected,
suspended,
closed
kybStatus
enum<string>
required

Know Your Business verification status.

Available options:
not_started,
pending,
approved,
rejected,
requires_info
createdAt
string<date-time>
required

UTC timestamp in RFC 3339 / ISO 8601 format.

Example:

"2026-02-23T12:00:00Z"

updatedAt
string<date-time>
required

UTC timestamp in RFC 3339 / ISO 8601 format.

Example:

"2026-02-23T12:00:00Z"

capabilities
enum<string>[]

Capabilities unlocked for this customer. Granted progressively.

Capabilities unlocked for a customer. Granted progressively.

Available options:
accounts,
payments,
fx,
crypto
sourceOfFunds
enum<string>

Primary source of funds for this customer's business activities.

Available options:
business_revenue,
venture_capital,
private_equity,
personal_savings,
loans_or_credit,
grants,
investment_income,
other
sourceOfFundsDescription
string

Free-text elaboration when sourceOfFunds is other.

Maximum string length: 500
metadata
object

Consumer-defined key-value store. Available on all primary resources. Max 50 keys. Keys must match ^[a-zA-Z0-9_]{1,40}$. Values are strings (max 500 chars) or null.