GET
/
payments
List payments.
curl --request GET \
  --url https://sandbox.api.openfx.com/v1/payments \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Signature: <api-key>' \
  --header 'X-Timestamp: <api-key>'
{
  "items": [
    {
      "id": "pmt_01953e1a5f4b7005",
      "customerId": "cus_01953e1a5f4b7000",
      "sourceAccountId": "acc_01953e1a5f4b7002",
      "counterpartyId": "cpt_01953e1a5f4b7004",
      "paymentMethodId": "pm_01953e1a5f4b7300",
      "status": "completed",
      "direction": "outbound",
      "rail": "ach",
      "sendAmount": {
        "currency": "USD",
        "amount": "1500.00"
      },
      "receiveAmount": {
        "currency": "USD",
        "amount": "1500.00"
      },
      "amountInputSide": "send",
      "executionPreference": "at_market",
      "fees": {
        "feeAmount": {
          "currency": "USD",
          "amount": "2.50"
        },
        "feeCurrency": "USD",
        "feeComponents": [
          {
            "type": "ach_fee",
            "amount": "2.50",
            "currency": "USD"
          }
        ]
      },
      "totalDebitAmount": {
        "currency": "USD",
        "amount": "1502.50"
      },
      "cancellationState": "not_cancelable",
      "reference": "INV-2026-001",
      "metadata": {},
      "createdAt": "2026-02-23T12:00:00Z",
      "updatedAt": "2026-02-23T12:05:00Z",
      "completedAt": "2026-02-23T12:05:00Z"
    }
  ],
  "pagination": {
    "hasMore": true,
    "nextCursor": "<string>"
  }
}

Authorizations

Authorization
string
header
required

API key issued at onboarding. Passed as a Bearer token in the Authorization header: Authorization: Bearer <api-key>. Identifies the caller and determines organization scope. Invalid or revoked keys return 401 with error type authentication_error.

X-Signature
string
header
required

Ed25519 or RSA-SHA256 asymmetric signature over the request payload (ADR-0015). Provides request integrity and non-repudiation. The signature covers the HTTP method, path, query string, request body, and timestamp. Invalid signatures return 401 with error type authentication_error.

X-Timestamp
string
header
required

Unix timestamp (seconds) of when the request was signed. Server rejects requests where the timestamp drifts beyond +/-60 seconds from server time to prevent replay attacks. Must match the timestamp used in the signature computation.

Query Parameters

limit
integer
default:50

Maximum number of items to return. Default 50, max 200.

Required range: 1 <= x <= 200
starting_after
string

Cursor for forward pagination. Return items created after the item with this ID. Mutually exclusive with ending_before.

ending_before
string

Cursor for backward pagination. Return items created before the item with this ID. Mutually exclusive with starting_after.

createdAt[gte]
string<date-time>

Filter items created at or after this timestamp.

Example:

"2026-01-01T00:00:00Z"

createdAt[lte]
string<date-time>

Filter items created at or before this timestamp.

Example:

"2026-12-31T23:59:59Z"

customerId
string

Customer resource identifier.

Pattern: ^cus_[A-Za-z0-9]+$
Example:

"cus_01953e1a5f4b7000"

status
enum<string>

External lifecycle status of a payment. Terminal states: completed, returned, reversed, refunded, failed, canceled.

Available options:
created,
requires_action,
in_review,
processing,
completed,
returned,
reversed,
refunded,
failed,
canceled
rail
enum<string>

Payment rail used for delivery.

Available options:
ach,
fedwire,
swift,
crypto,
open

Response

Payment list.

items
object[]
required
pagination
object
required

Cursor-based pagination metadata. Returned on all list endpoints.