Account Holder Funding Sources

Use the /fundingsources/ach, /fundingsources/ach/partner, and /fundingsources/paymentcard endpoints to create account holder funding sources. A funding source enables access to funds outside of the Marqeta platform. For more information on users and businesses, see About Account Holders.

Create ACH source

Action: POST
Endpoint: /fundingsources/ach Create an ACH funding source for an existing account holder. Specify the account holder of the funding source by passing a user or business token. The response body returns details about the account, including the verification status. Possible ACH verification status values include ACH_VERIFIED, ACH_FAILED, and VERIFICATION_PENDING.

Request body

Fields	Description
account_number string Required	ACH account number. Allowable Values: 36 char max
account_type string Required	Type of account. Allowable Values: `checking`, `savings`, `corporate`, `loan`
bank_name string Optional	Name of the financial institution where the ACH account is held. Allowable Values: 255 char max
business_token string Optional	Unique identifier of the business account holder. This token is required if a `user_token` is not specified. Allowable Values: 1–36 chars
is_default_account boolean Optional	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false` Default value: `false`
name_on_account string Required	Name on the ACH account. Allowable Values: 1–50 chars
routing_number string Required	Routing number for the ACH account. Allowable Values: 9 digits
token string Optional	Unique identifier of the funding source. If you do not include a token, the system will generate one automatically. This token is necessary for use in other calls, so we recommend that rather than let the system generate one, you use a simple string that is easy to remember. This value cannot be updated. Allowable Values: 1–36 chars
user_token string Optional	Unique identifier of the user account holder. This token is required if a `business_token` is not specified. Allowable Values: 1–36 chars
verification_notes string Optional	Free-form text field for holding notes about verification. This field is returned only if `verification_override = true`. Allowable Values: 255 char max
verification_override boolean Optional	Allows the ACH funding source to be used, regardless of its verification status. Set this field to `true` if you can attest that you have verified the account on your own and that it will not be returned by the Federal Reserve. NOTE: When using `PLAID` to validate a funding source, this field is always set to `true`. Allowable Values: `true`, `false` Default value: `false`

Sample request body

JSON

{
  "token": "my_user_01_fundingsource_token_01",
  "user_token": "my_user_01",
  "routing_number": "121000358",
  "name_on_account": "Jane Doe",
  "is_default_account": false,
  "account_number": "987654321",
  "account_type": "savings",
  "verification_notes": "These are my verification notes.",
  "verification_override": true
}

Response body

Fields	Description
account_suffix string Returned	ACH account identifier appended to the bank account number. Allowable Values: 255 char max
account_type string Returned	Type of account. Allowable Values: `checking`, `savings`, `corporate`, `loan`
active boolean Returned	Specifies whether the account is active. Allowable Values: `true`, `false`
bank_name string Conditionally returned	Name of the bank holding the account. This field is returned if it exists in the resource. Allowable Values: 255 char max
business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business token
created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
date_sent_for_verification datetime Conditionally returned	Date and time in UTC when the request for account validation was sent to the third-party partner. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
date_verified datetime Conditionally returned	Date and time when the account was verified, in UTC. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
is_default_account boolean Conditionally returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. This field is returned if it exists in the resource. Allowable Values: `true`, `false`
last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
name_on_account string Returned	Name on the ACH account. Allowable Values: 1–50 chars
partner string Conditionally returned	Name of the partner who validated the account holder. Returned when a third-party partner was used for account validation. Allowable Values: `PLAID`
partner_account_link_reference_token string Conditionally returned	Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when a third-party partner was used for account validation. Allowable Values: 255 char max
token string Returned	Unique identifier of the funding source. Allowable Values: Existing funding source token
user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user token
verification_notes string Conditionally returned	Free-form text field for holding notes about verification. This field is returned only if `verification_override = true`. Allowable Values: 255 char max
verification_override boolean Conditionally returned	Allows the ACH funding source to be used regardless of its verification status. This field is returned if it exists in the resource. NOTE: When using `PLAID` to validate a funding source, this field is always set to `true`. Allowable Values: `true`, `false`
verification_status string Conditionally returned	Account verification status. This field is returned if it exists in the resource. Allowable Values: `ACH_FAILED`, `ACH_VERIFIED`, `VERIFICATION_PENDING`

Sample response body

JSON

{
  "token": "my_user_01_fundingsource_token_01",
  "created_time": "2023-02-26T18:46:06Z",
  "last_modified_time": "2023-03-26T12:44:02Z",
  "account_suffix": "4321",
  "verification_status": "ACH_VERIFIED",
  "account_type": "savings",
  "name_on_account": "Jane Doe",
  "active": true,
  "date_sent_for_verification": "2023-02-27T07:36:05Z",
  "user_token": "my_user_01",
  "is_default_account": false,
  "date_verified": "2023-02-27T11:03:45Z",
  "verification_override": true,
  "verification_notes": "These are my verification notes."
}

Create ACH source via a partner integration

Action: POST
Endpoint: /fundingsources/ach/partner Create an ACH funding source for an existing account holder by using a third-party partner to handle account validation and provide PII account data. Because you don’t handle any personally identifiable information (PII) yourself, using a third party when creating the funding source enables you to bypass the regulatory and compliance measures related to capturing, storing, and transmitting PII. With this endpoint, you can create a US-based funding source—either a checking account or a savings account—for a program or user without passing bank account details such as the account number or routing number to Marqeta. Instead, validating account data and account verification is handled by the third-party partner you specify, and a secure token (i.e., a Plaid processor_token) is shared across partners. By using a secure account verification platform to provide immediate verification, you shorten the wait time until the ACH funding source is ready and avoid managing the microdeposit-based account verification process. To create an ACH funding source for an existing account holder without validating through a third party, see Create ACH source.

Note
This endpoint assumes that you already have established a relationship with both Marqeta and the third-party account validation partner you want to use. In addition, you must explicitly authorize the sharing of information with the third-party partner, and enable Marqeta as a processor for your integration. For more information, contact your Marqeta representative.

Request body

Fields	Description
partner string Required	Name of the partner who validated the account holder. Returned when a third-party partner was used for account validation. Allowable Values: `PLAID`
partner_account_link_reference_token string Required	Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when a third-party partner was used for account validation. Allowable Values: 255 char max
user_token string Optional	Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. This token is required if a `business_token` is not specified. Send a `GET` request to `/users` to retrieve user tokens. Allowable Values: 1–36 chars
is_default_account boolean Optional	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false` Default value: `false`
token string Optional	Unique identifier of the funding source. If you do not include a token, the system will generate one automatically. This token is necessary for use in other calls, so we recommend that rather than let the system generate one, you use a simple string that is easy to remember. This value cannot be updated. Allowable Values: 1–36 chars

Sample request body

JSON

{
  "token": "my_user_01_fundingsource_token_01",
  "user_token": "my_user_01",
  "is_default_account": false,
  "partner": "PLAID",
  "partner_account_link_reference_token": "processor-sandbox-reference-token"
}

Response body

Fields	Description
account_suffix string Returned	ACH account identifier appended to the bank account number. Allowable Values: 255 char max
account_type string Returned	Type of account. Allowable Values: `checking`, `savings`, `corporate`, `loan`
active boolean Returned	Specifies whether the account is active. Allowable Values: `true`, `false`
bank_name string Conditionally returned	Name of the bank holding the account. This field is returned if it exists in the resource. Allowable Values: 255 char max
business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business token
created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
date_sent_for_verification datetime Conditionally returned	Date and time in UTC when the request for account validation was sent to the third-party partner. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
date_verified datetime Conditionally returned	Date and time when the account was verified, in UTC. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
is_default_account boolean Conditionally returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. This field is returned if it exists in the resource. Allowable Values: `true`, `false`
last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
name_on_account string Returned	Name on the ACH account. Allowable Values: 1–50 chars
partner string Conditionally returned	Name of the partner who validated the account holder. Returned when a third-party partner was used for account validation. Allowable Values: `PLAID`
partner_account_link_reference_token string Conditionally returned	Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when a third-party partner was used for account validation. Allowable Values: 255 char max
token string Returned	Unique identifier of the funding source. Allowable Values: Existing funding source token
user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user token
verification_notes string Conditionally returned	Free-form text field for holding notes about verification. This field is returned only if `verification_override = true`. Allowable Values: 255 char max
verification_override boolean Conditionally returned	Allows the ACH funding source to be used regardless of its verification status. This field is returned if it exists in the resource. NOTE: When using `PLAID` to validate a funding source, this field is always set to `true`. Allowable Values: `true`, `false`
verification_status string Conditionally returned	Account verification status. This field is returned if it exists in the resource. Allowable Values: `ACH_FAILED`, `ACH_VERIFIED`, `VERIFICATION_PENDING`

Sample response body

JSON

{
  "token": "my_user_01_fundingsource_token_01",
  "created_time": "2023-02-26T18:46:06Z",
  "last_modified_time": "2023-03-26T12:44:02Z",
  "account_suffix": "4321",
  "verification_status": "ACH_VERIFIED",
  "account_type": "savings",
  "name_on_account": "Jane Doe",
  "active": true,
  "date_sent_for_verification": "2023-02-27T07:36:05Z",
  "user_token": "my_user_01",
  "is_default_account": false,
  "date_verified": "2023-02-27T11:03:45Z",
  "verification_override": true,
  "verification_notes": "These are my verification notes.",
  "partner": "PLAID",
  "partner_account_link_reference_token": "processor-sandbox-reference-token"
}

Retrieve ACH source

Action: GET
Endpoint: /fundingsources/ach/{funding_source_token} Retrieve a specific ACH funding source. The response body returns details about the account, including the verification status. Possible ACH verification status values are: ACH_FAILED, ACH_VERIFIED, and VERIFICATION_PENDING.

URL path parameters

Fields	Description
funding_source_token string Required	Unique identifier of the funding source. Send a `GET` request to `/fundingsources/user/{user_token}` to retrieve existing funding source tokens for a user or to `/fundingsources/business/{business_token}` to retrieve existing funding source tokens for a business. Allowable Values: Existing ACH funding source token

Response body

Fields	Description
account_suffix string Returned	ACH account identifier appended to the bank account number. Allowable Values: 255 char max
account_type string Returned	Type of account. Allowable Values: `checking`, `savings`, `corporate`, `loan`
active boolean Returned	Specifies whether the account is active. Allowable Values: `true`, `false`
bank_name string Conditionally returned	Name of the bank holding the account. This field is returned if it exists in the resource. Allowable Values: 255 char max
business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business token
created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
date_sent_for_verification datetime Conditionally returned	Date and time in UTC when the request for account validation was sent to the third-party partner. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
date_verified datetime Conditionally returned	Date and time when the account was verified, in UTC. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
is_default_account boolean Conditionally returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. This field is returned if it exists in the resource. Allowable Values: `true`, `false`
last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
name_on_account string Returned	Name on the ACH account. Allowable Values: 1–50 chars
partner string Conditionally returned	Name of the partner who validated the account holder. Returned when a third-party partner was used for account validation. Allowable Values: `PLAID`
partner_account_link_reference_token string Conditionally returned	Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when a third-party partner was used for account validation. Allowable Values: 255 char max
token string Returned	Unique identifier of the funding source. Allowable Values: Existing funding source token
user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user token
verification_notes string Conditionally returned	Free-form text field for holding notes about verification. This field is returned only if `verification_override = true`. Allowable Values: 255 char max
verification_override boolean Conditionally returned	Allows the ACH funding source to be used regardless of its verification status. This field is returned if it exists in the resource. NOTE: When using `PLAID` to validate a funding source, this field is always set to `true`. Allowable Values: `true`, `false`
verification_status string Conditionally returned	Account verification status. This field is returned if it exists in the resource. Allowable Values: `ACH_FAILED`, `ACH_VERIFIED`, `VERIFICATION_PENDING`

Sample response body

JSON

{
  "token": "my_user_01_fundingsource_token_01",
  "created_time": "2023-02-26T18:46:06Z",
  "last_modified_time": "2023-03-12T04:58:46Z",
  "account_suffix": "4321",
  "verification_status": "ACH_VERIFIED",
  "account_type": "savings",
  "name_on_account": "Jane Doe",
  "active": true,
  "date_sent_for_verification": "2023-02-27T18:00:00Z",
  "user_token": "my_user_01",
  "is_default_account": false,
  "date_verified": "2023-02-27T18:15:00Z",
  "verification_override": true,
  "verification_notes": "These are my verification notes."
}

List sources for business

Action: GET
Endpoint: /fundingsources/business/{business_token} List funding sources associated with a specific business. This endpoint supports field filtering.

URL path parameters

Fields	Description
business_token string Required	Unique identifier of the business account holder. Send a `GET` request to `/businesses` to retrieve business tokens. Allowable Values: Existing business resource token

URL query parameters

Fields	Description
type string Optional	Type of funding source to return: ACH or payment card. Leave unspecified to return both types. Allowable Values: `ACH`, `paymentcard` Default value: unspecified (both types)
fields string Optional	Comma-delimited list of fields to return (`field_1,field_2`, and so on). Leave blank to return all fields. Allowable Values: Comma-delimited list of fields, or blank

Response body

Fields	Description
count integer Conditionally returned	Number of resources to retrieve. This field is returned if there are resources in your returned array. Allowable Values: 1-10
data array of objects Conditionally returned	Array of funding account objects. Objects are returned as appropriate to your query. Allowable Values: Valid data array of one or more funding account objects
data[].account_suffix string Conditionally returned	Account identifier appended to the bank account number. This field is returned if it exists in the resource. Allowable Values: 255 char max
data[].account_type string Conditionally returned	Type of account. This field is returned if it exists in the resource. Allowable Values: `checking`, `savings`, `corporate`, `loan`
data[].active boolean Conditionally returned	Specifies whether the account is active. This field is returned if it exists in the resource. Allowable Values: `true`, `false`
data[].business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business token
data[].created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
data[].date_sent_for_verification datetime Conditionally returned	Date and time in UTC when the request for account validation was sent to the third-party partner. This field is returned if it exists in the resource. Allowable Values: Format: yyyy-MM-ddThh:mm:ssZ
data[].date_verified datetime Conditionally returned	Date and time when the account was verified, in UTC. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
data[].exp_date string Conditionally returned	Payment card expiration date. This field is returned if it exists in the resource. Allowable Values: Format: MMyy
data[].is_default_account boolean Conditionally returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. This field is returned if it exists in the resource. Allowable Values: `true`, `false`
data[].last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
data[].name_on_account string Conditionally returned	Name on the account. This field is returned if it exists in the resource. Allowable Values: 1–50 chars
data[].partner string Conditionally returned	Name of the partner who validated the account holder. Returned when a third-party partner was used for account validation. Allowable Values: `PLAID`
data[].partner_account_link_reference_token string Conditionally returned	Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when a third-party partner was used for account validation. Allowable Values: 255 char max
data[].token string Conditionally returned	Unique identifier of the funding source. This field is returned if it exists in the resource. Allowable Values: Existing funding source token
data[].type string Conditionally returned	Funding source type. Allowable Values: `ACH`, `paymentcard`
data[].user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user token
data[].verification_notes string Conditionally returned	Free-form text field for holding notes about verification. This field is returned only if `verification_override = true`. Allowable Values: 255 char max
data[].verification_override boolean Conditionally returned	Allows the ACH funding source to be used regardless of its verification status. NOTE: When using `PLAID` to validate a funding source, this field is always set to `true`. Allowable Values: `true`, `false`
data[].verification_status string Conditionally returned	Account verification status. This field is returned if it exists in the resource. Allowable Values: `ACH_FAILED`, `ACH_VERIFIED`, `VERIFICATION_PENDING`
end_index integer Conditionally returned	Sort order index of the last resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer
is_more boolean Conditionally returned	A value of `true` indicates that more unreturned resources exist. A value of `false` indicates that no more unreturned resources exist. This field is returned if there are resources in your returned array. Allowable Values: `true`, `false`
start_index integer Conditionally returned	Sort order index of the first resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer

Sample response body

JSON

{
  "count": 1,
  "start_index": 0,
  "end_index": 0,
  "is_more": false,
  "data": [
    {
      "type": "paymentcard",
      "token": "my_paymentcard_funding_source_01",
      "created_time": "2023-02-26T21:26:13Z",
      "last_modified_time": "2023-02-26T21:26:13Z",
      "account_suffix": "4113",
      "account_type": "corporate",
      "active": true,
      "is_default_account": true,
      "exp_date": "1227",
      "user_token": "my_business_01"
    }
  ]
}

Create payment card source

Action: POST
Endpoint: /fundingsources/paymentcard Create a payment card funding source for an existing account holder. This endpoint returns the card type and the last four digits of the card, and then sets the active_ field to true. Marqeta retains only a tokenized representation of the card number.

Request body

Fields	Description
account_number string Required	Payment card account number. Allowable Values: 16-digit number
business_token string Optional	Unique identifier of the business account holder. This token is required if the `user_token` is not included. Send a `GET` request to `/businesses` to retrieve business tokens. Allowable Values: 1–36 chars
cvv_number string Required	Payment card CVV2 number. Allowable Values: 3–4 chars
exp_date string Required	Payment card expiration date. Allowable Values: Format: MMyy
is_default_account boolean Optional	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false` Default value: `false`
postal_code string Optional	Postal code of the account holder (user or business). Allowable Values: 10 char max
token string Optional	Unique identifier of the funding account. If you do not include a token, the system will generate one automatically. As this token is necessary for use in other calls, we recommend that you define a simple and easy to remember string rather than letting the system generate a token for you. This value cannot be updated. Allowable Values: 1–36 chars
user_token string Optional	Unique identifier of the user account holder. This token is required if the `business_token` is not included. Send a `GET` request to `/users` to retrieve user tokens. Allowable Values: 1–36 chars
zip string Optional	United States ZIP code of the account holder (user or business). Allowable Values: 10 char max

Sample request body

JSON

{
  "token": "my_paymentcard_01",
  "postal_code": "94608",
  "user_token": "my_user_01",
  "is_default_account": true,
  "exp_date": "1227",
  "account_number": "6559906559906557",
  "cvv_number": "123"
}

Response body

Fields	Description
account_suffix string Returned	Account identifier appended to the payment card number. Allowable Values: 255 char max
account_type string Returned	Type of payment card account. Allowable Values: `checking`, `corporate`, `loan`, `savings`
active boolean Returned	Specifies whether the account is active. Allowable Values: `true`, `false`
business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business resource token
created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
exp_date string Returned	Payment card expiration date. Allowable Values: Format: MMyy
is_default_account boolean Returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false`
last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
token string Returned	Unique identifier of the funding source. Allowable Values: Existing funding source token
type string Returned	Funding source type. Allowable Values: `ACH`, `paymentcard`
user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user resource token

Sample response body

JSON

{
  "type": "paymentcard",
  "token": "my_paymentcard_01",
  "created_time": "2023-02-26T20:00:00Z",
  "last_modified_time": "2023-02-26T21:00:00Z",
  "account_suffix": "6557",
  "account_type": "corporate",
  "active": true,
  "is_default_account": true,
  "exp_date": "1227",
  "user_token": "my_user_01"
}

Retrieve payment card source

Action: GET
Endpoint: /fundingsources/paymentcard/{funding_source_token} Retrieve a specific payment card funding source.

URL path parameters

Fields	Description
funding_source_token string Required	Unique identifier of the funding source. Send a `GET` request to `/fundingsources/user/{user_token}` to retrieve existing funding source tokens for a user or to `/fundingsources/business/{business_token}` to retrieve existing funding source tokens for a business. Allowable Values: Existing funding source token

Response body

Fields	Description
account_suffix string Returned	Account identifier appended to the payment card number. Allowable Values: 255 char max
account_type string Returned	Type of payment card account. Allowable Values: `checking`, `corporate`, `loan`, `savings`
active boolean Returned	Specifies whether the account is active. Allowable Values: `true`, `false`
business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business resource token
created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
exp_date string Returned	Payment card expiration date. Allowable Values: Format: MMyy
is_default_account boolean Returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false`
last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
token string Returned	Unique identifier of the funding source. Allowable Values: Existing funding source token
type string Returned	Funding source type. Allowable Values: `ACH`, `paymentcard`
user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user resource token

Sample response body

JSON

{
  "type": "paymentcard",
  "token": "my_paymentcard_01",
  "created_time": "2023-02-26T20:00:00Z",
  "last_modified_time": "2023-02-26T21:00:00Z",
  "account_suffix": "6557",
  "account_type": "corporate",
  "active": true,
  "is_default_account": true,
  "exp_date": "1227",
  "user_token": "my_user_01"
}

Update payment card source

Action: PUT
Endpoint: /fundingsources/paymentcard/{funding_source_token} Update a payment card funding source.

URL path parameters

Fields	Description
funding_source_token string Required	Unique identifier of the funding source. Send a `GET` request to `/fundingsources/user/{user_token}` to retrieve existing funding source tokens for a user or to `/fundingsources/business/{business_token}` to retrieve existing funding source tokens for a business. Allowable Values: Existing funding source token

Request body

Fields	Description
active boolean Optional	Indicates whether the card funding source is active. Allowable Values: `true`, `false` Default value: `true`
exp_date string Required	Expiration date for the payment card. Allowable Values: Format: MMyy
is_default_account boolean Optional	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false` Default value: `false`

Sample request body

JSON

{
  "is_default_account": false,
  "exp_date": "1227"
}

Response body

Fields	Description
account_suffix string Returned	Account identifier appended to the payment card number. Allowable Values: 255 char max
account_type string Returned	Type of payment card account. Allowable Values: `checking`, `corporate`, `loan`, `savings`
active boolean Returned	Specifies whether the account is active. Allowable Values: `true`, `false`
business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business resource token
created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
exp_date string Returned	Payment card expiration date. Allowable Values: Format: MMyy
is_default_account boolean Returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false`
last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
token string Returned	Unique identifier of the funding source. Allowable Values: Existing funding source token
type string Returned	Funding source type. Allowable Values: `ACH`, `paymentcard`
user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user resource token

Sample response body

JSON

{
  "type": "paymentcard",
  "token": "my_paymentcard_01",
  "created_time": "2023-02-26T20:00:00Z",
  "last_modified_time": "2023-02-26T21:00:00Z",
  "account_suffix": "6557",
  "account_type": "DISCOVER",
  "active": true,
  "is_default_account": false,
  "exp_date": "1227",
  "user_token": "my_user_01"
}

List sources for user

Action: GET
Endpoint: /fundingsources/user/{user_token} List funding sources associated with a specific user. This endpoint supports field filtering.

URL path parameters

Fields	Description
user_token string Required	Unique identifier of the user account holder. Allowable Values: Existing user resource token

URL query parameters

Fields	Description
type string Optional	Type of funding source to retrieve: ACH or payment card. Leave unspecified to return both types. Allowable Values: `ACH`, `paymentcard` Default value: unspecified (both types)
fields string Optional	Comma-delimited list of fields to return (`field_1,field_2`, and so on). Leave blank to return all fields. Allowable Values: Comma-delimited list of fields, or blank

Response body

Fields	Description
count integer Conditionally returned	Number of resources to retrieve. This field is returned if there are resources in your returned array. Allowable Values: 1-10
data array of objects Conditionally returned	Array of funding account objects. Objects are returned as appropriate to your query. Allowable Values: Valid data array of one or more funding account objects
data[].account_suffix string Conditionally returned	Account identifier appended to the bank account number. This field is returned if it exists in the resource. Allowable Values: 255 char max
data[].account_type string Conditionally returned	Type of account. This field is returned if it exists in the resource. Allowable Values: `checking`, `savings`, `corporate`, `loan`
data[].active boolean Conditionally returned	Specifies whether the account is active. This field is returned if it exists in the resource. Allowable Values: `true`, `false`
data[].business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business token
data[].created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
data[].date_sent_for_verification datetime Conditionally returned	Date and time in UTC when the request for account validation was sent to the third-party partner. This field is returned if it exists in the resource. Allowable Values: Format: yyyy-MM-ddThh:mm:ssZ
data[].date_verified datetime Conditionally returned	Date and time when the account was verified, in UTC. This field is returned if it exists in the resource. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
data[].exp_date string Conditionally returned	Payment card expiration date. This field is returned if it exists in the resource. Allowable Values: Format: MMyy
data[].is_default_account boolean Conditionally returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. This field is returned if it exists in the resource. Allowable Values: `true`, `false`
data[].last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
data[].name_on_account string Conditionally returned	Name on the account. This field is returned if it exists in the resource. Allowable Values: 1–50 chars
data[].partner string Conditionally returned	Name of the partner who validated the account holder. Returned when a third-party partner was used for account validation. Allowable Values: `PLAID`
data[].partner_account_link_reference_token string Conditionally returned	Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when a third-party partner was used for account validation. Allowable Values: 255 char max
data[].token string Conditionally returned	Unique identifier of the funding source. This field is returned if it exists in the resource. Allowable Values: Existing funding source token
data[].type string Conditionally returned	Funding source type. Allowable Values: `ACH`, `paymentcard`
data[].user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user token
data[].verification_notes string Conditionally returned	Free-form text field for holding notes about verification. This field is returned only if `verification_override = true`. Allowable Values: 255 char max
data[].verification_override boolean Conditionally returned	Allows the ACH funding source to be used regardless of its verification status. NOTE: When using `PLAID` to validate a funding source, this field is always set to `true`. Allowable Values: `true`, `false`
data[].verification_status string Conditionally returned	Account verification status. This field is returned if it exists in the resource. Allowable Values: `ACH_FAILED`, `ACH_VERIFIED`, `VERIFICATION_PENDING`
end_index integer Conditionally returned	Sort order index of the last resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer
is_more boolean Conditionally returned	A value of `true` indicates that more unreturned resources exist. A value of `false` indicates that no more unreturned resources exist. This field is returned if there are resources in your returned array. Allowable Values: `true`, `false`
start_index integer Conditionally returned	Sort order index of the first resource in the returned array. This field is returned if there are resources in your returned array. Allowable Values: Any integer

Sample response body

JSON

{
  "count": 2,
  "start_index": 0,
  "end_index": 1,
  "is_more": false,
  "data": [
    {
      "type": "paymentcard",
      "token": "jane_doe_paymentcard_01",
      "account_suffix": "4113",
      "account_type": "corporate",
      "active": true,
      "is_default_account": true,
      "exp_date": "1227",
      "user_token": "my_user_01",
      "created_time": "2023-02-26T20:03:05Z",
      "last_modified_time": "2023-02-26T20:03:05Z"
    },
    {
      "type": "ach",
      "token": "jane_doe_ach_token",
      "account_suffix": "4321",
      "account_type": "savings",
      "active": false,
      "is_default_account": false,
      "verification_status": "ACH_VERIFIED",
      "user_token": "my_user_01",
      "name_on_account": "Jane Doe",
      "date_sent_for_verification": "2023-02-27T23:27:58Z",
      "created_time": "2023-02-26T20:03:05Z",
      "last_modified_time": "2023-02-26T20:03:05Z"
    }
  ]
}

Set default source

Action: PUT
Endpoint: /fundingsources/{funding_source_token}/default Configure either an ACH funding source or a payment card funding source as the default funding source. A default funding source is used when you omit the funding_source_token field from funding requests, such as a POST request to /gpaorders. Note that the first funding source you create is automatically set as the default (is_default_source=true).

URL path parameters

Fields	Description
funding_source_token string Required	Unique identifier of the funding source. Send a `GET` request to `/fundingsources/user/{user_token}` to retrieve existing funding source tokens for a user or to `/fundingsources/business/{business_token}` to retrieve existing funding source tokens for a business. Allowable Values: Existing funding source token

Response body

Fields	Description
account_suffix string Returned	Account identifier appended to the payment card number. Allowable Values: 255 char max
account_type string Returned	Type of payment card account. Allowable Values: `checking`, `corporate`, `loan`, `savings`
active boolean Returned	Specifies whether the account is active. Allowable Values: `true`, `false`
business_token string Conditionally returned	Unique identifier of the business account holder. This token is returned if a `user_token` is not specified. Allowable Values: Existing business resource token
created_time datetime Returned	Date and time when the resource was created, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
exp_date string Returned	Payment card expiration date. Allowable Values: Format: MMyy
is_default_account boolean Returned	If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. Allowable Values: `true`, `false`
last_modified_time datetime Returned	Date and time when the resource was last modified, in UTC. Allowable Values: datetime Format: yyyy-MM-ddThh:mm:ssZ
token string Returned	Unique identifier of the funding source. Allowable Values: Existing funding source token
type string Returned	Funding source type. Allowable Values: `ACH`, `paymentcard`
user_token string Conditionally returned	Unique identifier of the user account holder. This token is returned if a `business_token` is not specified. Allowable Values: Existing user resource token

Sample response body

JSON

{
  "type": "paymentcard",
  "token": "jane_doe_paymentcard_token",
  "account_suffix": "4321",
  "account_type": "corporate",
  "active": true,
  "exp_date": "1227",
  "is_default_account": true,
  "user_token": "my_user_01",
  "created_time": "2023-02-28T20:00:00Z",
  "last_modified_time": "2023-02-28T20:00:00Z"
}

Core API Basics

SDKs

Credentials

Account Holders

Funding

Just-in-Time Funding

Cards

Digital Wallets

Spend Control

Accounts

Transactions

3D Secure

Real-Time Decisioning

Disputes

Digital Banking

Credit Programs

Credit Account Management

Credit Account Servicing

Credit Reward Accounts

Testing

Webhooks

​Create ACH source

​Request body

​Sample request body

​Response body

​Sample response body

​Create ACH source via a partner integration

​Request body

​Sample request body

​Response body

​Sample response body

​Retrieve ACH source

​URL path parameters

​Response body

​Sample response body

​List sources for business

​URL path parameters

​URL query parameters

​Response body

​Sample response body

​Create payment card source

​Request body

​Sample request body

​Response body

​Sample response body

​Retrieve payment card source

​URL path parameters

​Response body

​Sample response body

​Update payment card source

​URL path parameters

​Request body

​Sample request body

​Response body

​Sample response body

​List sources for user

​URL path parameters

​URL query parameters

​Response body

​Sample response body

​Set default source

​URL path parameters

​Response body

​Sample response body

Create ACH source

Request body

Sample request body

Response body

Sample response body

Create ACH source via a partner integration

Request body

Sample request body

Response body

Sample response body

Retrieve ACH source

URL path parameters

Response body

Sample response body

List sources for business

URL path parameters

URL query parameters

Response body

Sample response body

Create payment card source

Request body

Sample request body

Response body

Sample response body

Retrieve payment card source

URL path parameters

Response body

Sample response body

Update payment card source

URL path parameters

Request body

Sample request body

Response body

Sample response body

List sources for user

URL path parameters

URL query parameters

Response body

Sample response body

Set default source

URL path parameters

Response body

Sample response body