/
40 minute read
March 24, 2022

Account Holder Funding Sources

Use the /fundingsources/ach, /fundingsources/ach/partner, and /fundingsources/paymentcard endpoints to create account holder funding sources. A funding source enables access to funds outside of the Marqeta platform.

For more information on users and businesses, see About Account Holders.

Create ACH source

Action: POST
Endpoint: /fundingsources/ach

Create an ACH funding source for an existing account holder. Specify the account holder of the funding source by passing a user or business token.

When adding an ACH funding source, a small amount is deposited in the bank account as a test. The test deposit should be reflected in the account after two to three business days. You must then make an API call to verify the deposit amount in order to activate the ACH account. See Verify or Update ACH Funding Source on this page for more information.

The response body returns details about the account, including the verification status. Possible ACH verification status values include VERIFICATION_PENDING, ACH_VERIFIED, and ACH_FAILED.

To use a third-party for account validation when creating an ACH funding source for an existing account holder, see Create ACH source via a partner integration.

Request body
Fields Description

account_number

string
Required

The ACH account number.

Allowable Values:

36 char max

account_type

string
Required

The type of account.

Allowable Values:

checking, savings, corporate, loan

bank_name

string
Optional

The name of the financial institution where the ACH account is held.

Allowable Values:

255 char max

business_token

string
Optional

Specifies the owner of the funding source. This token is required if a user_token is not specified.

Allowable Values:

1–36 chars

Send a GET request to /businesses to retrieve business tokens.

is_default_account

boolean
Optional

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

Allowable Values:

true, false

Default value:
false

name_on_account

string
Required

The name on the ACH account.

Allowable Values:

1–50 chars

routing_number

string
Required

The routing number for the ACH account.

Allowable Values:

9 digits

token

string
Optional

The unique identifier of the funding source. If you do not include a token, the system will generate one automatically. This token is necessary for use in other calls, so we recommend that rather than let the system generate one, you use a simple string that is easy to remember. This value cannot be updated.

Allowable Values:

1–36 chars

user_token

string
Optional

Specifies the owner of the funding source. This token is required if a business_token is not specified.

Allowable Values:

1–36 chars

Send a GET request to /users to retrieve user tokens.

verification_notes

string
Optional

Free-form text field for holding notes about verification. This field is returned only if verification_override = true.

Allowable Values:

255 char max

verification_override

boolean
Optional

Allows the ACH funding source to be used regardless of its verification status.

Allowable Values:

true, false

Default value:
false

Sample request body
JSON
Copied

Is this helpful?

Yes
No
Response body
Fields Description

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Specifies whether the account is active.

Allowable Values:

true, false

bank_name

string
Conditionally returned

The name of the bank holding the account. This field is returned if it exists in the resource.

Allowable Values:

255 char max

business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

date_sent_for_verification

datetime
Conditionally returned

Date and time in UTC when either the request for account validation was sent to the third-party partner, or when the funding source was verified by microdeposits. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

date_verified

datetime
Conditionally returned

The date and time when the account was verified, in UTC. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

is_default_account

boolean
Conditionally returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

This field is returned if it exists in the resource.

Allowable Values:

true, false

last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

name_on_account

string
Returned

The name on the ACH account.

Allowable Values:

1–50 chars

token

string
Returned

The unique identifier of the funding source.

Allowable Values:

Existing funding source token

user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

verification_notes

string
Conditionally returned

Free-form text field for holding notes about verification. This field is returned only if verification_override = true.

Allowable Values:

255 char max

verification_override

boolean
Conditionally returned

Allows the ACH funding source to be used regardless of its verification status. This field is returned if it exists in the resource.

Allowable Values:

true, false

Default value:
false

verification_status

string
Conditionally returned

The account verification status. This field is returned if it exists in the resource.

Allowable Values:

VERIFICATION_PENDING, ACH_VERIFIED, ACH_FAILED

Sample response body
JSON
Copied

Is this helpful?

Yes
No

Create ACH source via a partner integration

Action: POST
Endpoint: /fundingsources/ach/partner

Create an ACH funding source for an existing account holder by using a third-party partner to handle account validation and provide PII account data. Because you don’t handle any personally identifiable information (PII) yourself, using a third party when creating the funding source enables you to bypass the regulatory and compliance measures related to capturing, storing, and transmitting PII.

With this endpoint, you can create a US-based funding source—either a checking account or a savings account—for a program or user without passing bank account details such as the account number or routing number to Marqeta. Instead, validating account data and account verification is handled by the third-party partner you specify, and a secure token (i.e., a Plaid processor_token) is shared across partners. By using a secure account verification platform to provide immediate verification, you shorten the wait time until the ACH funding source is ready and avoid managing the microdeposit-based account verification process.

To create an ACH funding source for an existing account holder without validating through a third party, see Create ACH source.

Note
This endpoint assumes that you already have established a relationship with both Marqeta and the third-party account validation partner you want to use. In addition, you must explicitly authorize the sharing of information with the third-party partner, and enable Marqeta as a processor for your integration. For more information, contact your Marqeta representative.
Request body
Fields Description

token

string
Optional

The unique identifier of the funding source. If you do not include a token, the system will generate one automatically. This token is necessary for use in other calls, so we recommend that rather than let the system generate one, you use a simple string that is easy to remember. This value cannot be updated.

Allowable Values:

36 char max

user_token OR business_token

string
Optional

Specifies the owner of the funding source.

Allowable Values:

Existing user or business token.

Send a GET request to /users to retrieve user tokens or to /businesses to retrieve business tokens.

Default value:
false

partner_account_link_reference_token

string
Optional

Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number.

NOTE: You must include a partner_account_link_reference_token when the account validation partner you are using is PLAID.

Allowable Values:

255 max char

is_default_account

boolean
Optional

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

Allowable Values:

true, false

Default value:
false

partner

string
Required

The name of the partner who will validate this account holder.

Allowable Values:

PLAID

Response body
Fields Description

count

string
Returned

The number of resources returned.

Allowable Values:

1-100 recommended

start_index

string
Returned

Specifies the sort order index from which to begin returning data.

Allowable Values:

Any integer

end_index

integer
Returned

The sort order index of the last resource in the returned array.

Allowable Values:

Any integer

is_more

boolean
Returned

A value of true indicates that more unreturned resources exist.

Allowable Values:

true, false

partner

string
Returned

The name of the partner who validated the account holder.

Allowable Values:

PLAID

partner_account_link_reference_token

string
Returned

Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number.

Allowable Values:

255 max char

created_time

string
Returned

Date and time when the account holder funding source was created.

Allowable Values:

Format: yyyy-MM-dd’T’HH:mm:ss.Z

last_modified_time

string
Returned

Date and time when the account holder funding source was last modified.

Allowable Values:

Format: yyyy-MM-dd’T’HH:mm:ss.Z

token

string
Returned

The unique identifier of the funding account.

Allowable Values:

36 char max

bank_name

string
Conditionally returned

The name of the financial institution where the ACH account is held. Returned only if supplied by the third-party partner.

NOTE: This field is not returned by PLAID.

Allowable Values:

255 char max

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Indicates whether the ACH funding source is active.

Allowable Values:

true, false

is_default_account

boolean
Returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls.

Allowable Values:

true, false

verification_status

string
Returned

Indicates the bank account’s verification status.

Allowable Values:

VERIFICATION_PENDING, ACH_VERIFIED, ACH_FAILED

date_sent_for_verification

string
Returned

Date and time in UTC when the request for account validation was sent to the specified partner.

Allowable Values:

Format: yyyy-MM-dd’T’HH:mm:ss.Z

user_token

string
Returned

Specifies the owner of the funding source.

Allowable Values:

Existing user token.

name_on_account

string
Conditionally returned

The account holder name associated with the ACH account. Returned when the type field is set to ach.

Allowable Values:

50 char max

Sample request body
JSON
Copied

Is this helpful?

Yes
No
Sample response body
JSON
Copied

Is this helpful?

Yes
No

Retrieve ACH source

Action: GET
Endpoint: /fundingsources/ach/{funding_source_token}

Retrieve a specific ACH funding source. The response body returns details about the account, including the verification status.

URL path parameters
Fields Description

funding_source_token

string
Required

The unique identifier of the funding source.

Allowable Values:

Existing funding source token.

Send a GET request to /fundingsources/user/{user_token} to retrieve existing funding source tokens for a user or to /fundingsources/business/{business_token} to retrieve existing funding source tokens for a business.

Response body
Fields Description

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Indicates whether the ACH funding source is active.

Allowable Values:

true, false

bank_name

string
Conditionally returned

The name of the financial institution where the ACH account is held. This field is returned if it exists in the resource.

Allowable Values:

255 char max

business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

date_sent_for_verification

datetime
Conditionally returned

Date and time in UTC when either the request for account validation was sent to the third-party partner, or when the funding source was verified by microdeposits. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

date_verified

datetime
Conditionally returned

The date and time when the account was verified, in UTC. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

is_default_account

boolean
Conditionally returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

This field is returned if it exists in the resource.

Allowable Values:

true, false

last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

name_on_account

string
Returned

The account holder name associated with the ACH account.

Allowable Values:

1–50 chars

partner

string
Conditionally returned

The name of the partner who validated the account holder. Returned when a third-party partner was used for account validation.

Allowable Values:

PLAID

partner_account_link_reference_token

string
Conditionally returned

Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when a third-party partner was used for account validation.

Allowable Values:

255 max char

token

string
Returned

The unique identifier of the funding source.

Allowable Values:

Existing funding source token

user_token

string
Conditionally returned

Specifies the owner of the funding source. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

verification_notes

string
Conditionally returned

Free-form text field for holding notes about verification. This field is returned only if verification_override = true.

Allowable Values:

255 char max

verification_override

boolean
Conditionally returned

Allows the ACH funding source to be used, regardless of its verification status. This field is returned if it exists in the resource.

NOTE: When using PLAID to validate a funding source, this field is always set to true.

Allowable Values:

true, false

Default value:
false

verification_status

string
Conditionally returned

Indicates the bank account’s verification status. This field is returned if it exists in the resource.

Allowable Values:

VERIFICATION_PENDING, ACH_VERIFIED, ACH_FAILED

Sample response body
JSON
Copied

Is this helpful?

Yes
No

Verify or update ACH source

Action: PUT
Endpoint: /fundingsources/ach/{funding_source_token}

Verify or update an ACH funding source.

If you are verifying the ACH source, include the verification amounts in the body of the request. ACH verification will fail if the verification amounts are not entered in the correct order. verify_amount1 must match the first deposit amount, and verify_amount2 must match the second.

If you are updating the ACH source, include the active field instead. The active field is the only field you can update.

URL path parameters
Fields Description

funding_source_token

string
Required

Identifies the ACH funding source to verify or update.

Allowable Values:

Existing ACH funding source token.

Send a GET request to /fundingsources/user/{user_token} to retrieve existing funding source tokens for a user or to /fundingsources/business/{business_token} to retrieve existing funding source tokens for a business.

Request body
Fields Description

active

boolean
Optional

Indicates whether the ACH funding source is active.

Allowable Values:

true, false

verify_amount1

decimal
Optional

Verification amount.

Allowable Values:

Format: 0.00

verify_amount2

decimal
Optional

Verification amount.

Allowable Values:

Format: 0.00

Sample request body
JSON
Copied

Is this helpful?

Yes
No
Response body
Fields Description

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Specifies whether the account is active.

Allowable Values:

true, false

bank_name

string
Conditionally returned

The name of the bank holding the account. This field is returned if it exists in the resource.

Allowable Values:

255 char max

business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

date_sent_for_verification

datetime
Conditionally returned

Date and time in UTC when either the request for account validation was sent to the third-party partner, or when the funding source was verified by microdeposits. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

date_verified

datetime
Conditionally returned

The date and time when the account was verified, in UTC. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

is_default_account

boolean
Conditionally returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

This field is returned if it exists in the resource.

Allowable Values:

true, false

last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

name_on_account

string
Returned

The name on the ACH account.

Allowable Values:

1–50 chars

token

string
Returned

The unique identifier of the funding source.

Allowable Values:

Existing funding source token

user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

verification_notes

string
Conditionally returned

Free-form text field for holding notes about verification. This field is returned only if verification_override = true.

Allowable Values:

255 char max

verification_override

boolean
Conditionally returned

Allows the ACH funding source to be used regardless of its verification status. This field is returned if it exists in the resource.

Allowable Values:

true, false

Default value:
false

verification_status

string
Conditionally returned

The account verification status. This field is returned if it exists in the resource.

Allowable Values:

VERIFICATION_PENDING, ACH_VERIFIED, ACH_FAILED

Sample response body
JSON
Copied

Is this helpful?

Yes
No

Retrieve ACH verification amounts

Action: GET
Endpoint: /fundingsources/ach/{funding_source_token}/verificationamounts

In your public or private sandbox environment, retrieve the amounts used to verify the association with your ACH account.

Use this endpoint for testing purposes only. In production, verification amounts are retrieved from the bank statement of the account holder.

URL path parameters
Fields Description

funding_source_token

string
Required

Identifies the ACH funding source for which you want to retrieve verification deposit amounts.

Allowable Values:

Existing funding source token.

Send a GET request to /fundingsources/user/{user_token} to retrieve existing funding source tokens for a user or to /fundingsources/business/{business_token} to retrieve existing funding source tokens for a business.

Response body
Fields Description

active

boolean
Conditionally returned

Indicates whether the ACH funding source is active.

Allowable Values:

true, false

verify_amount1

decimal
Conditionally returned

Verification amount.

Allowable Values:

Format: 0.00

verify_amount2

decimal
Conditionally returned

Verification amount.

Allowable Values:

Format: 0.00

Sample response body
JSON
Copied

Is this helpful?

Yes
No

List sources for business

Action: GET
Endpoint: /fundingsources/business/{business_token}

List funding sources associated with a specific business.

This endpoint supports field filtering.

URL path parameters
Fields Description

business_token

string
Required

Identifies the business whose funding sources you want to retrieve.

Allowable Values:

Existing business token

Send a GET request to /businesses to retrieve existing business tokens.

URL query parameters
Fields Description

type

string
Optional

Type of funding source to return: ACH or payment card. Leave unspecified to return both types.

Allowable Values:

ACH, paymentcard

Default value:
unspecified (both types)

fields

string
Optional

Comma-delimited list of fields to return (field_1,field_2, and so on). Leave blank to return all fields.

Allowable Values:

Comma-delimited list of fields, or blank

Response body
Fields Description

count

integer
Conditionally returned

The number of resources to retrieve.

Allowable Values:

1-100 recommended

data

array of objects
Conditionally returned

An array of funding_account_response_model objects.

Allowable Values:

Valid data array

data[].account_suffix

string
Conditionally returned

The last four digits of the account number. This field is returned if it exists in the resource.

Allowable Values:

4 char max

data[].account_type

string
Conditionally returned

The type of account. This field is returned if it exists in the resource.

Allowable Values:

checking, savings, corporate, loan

data[].active

boolean
Conditionally returned

Specifies whether the account is active. This field is returned if it exists in the resource.

Allowable Values:

true, false

data[].business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

data[].created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].date_sent_for_verification

datetime
Conditionally returned

The date and time when the account was sent for verification, in UTC. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].date_verified

datetime
Conditionally returned

The date and time when the account was verified, in UTC. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].exp_date

string
Conditionally returned

Payment card expiration date. This field is returned if it exists in the resource.

Allowable Values:

Format: MMyy

data[].is_default_account

boolean
Conditionally returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

This field is returned if it exists in the resource.

Allowable Values:

true, false

data[].last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].name_on_account

string
Conditionally returned

The name on the account. This field is returned if it exists in the resource.

Allowable Values:

1–50 chars

data[].partner

string
Conditionally returned

The name of the partner who validated the account holder. Returned when the funding source was created using the /fundingsources/ach/partner endpoint.

Allowable Values:

PLAID

data[].partner_account_link_reference_token

string
Conditionally returned

Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when the type field is set to ach.

Allowable Values:

255 max char

data[].token

string
Conditionally returned

The unique identifier of the funding source. This field is returned if it exists in the resource.

Allowable Values:

Existing funding source token

data[].type

string
Conditionally returned

The funding source type.

Allowable Values:

ACH, paymentcard

data[].user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

data[].verification_notes

string
Conditionally returned

Free-form text field for holding notes about verification. This field is returned only if verification_override = true.

Allowable Values:

255 char max

data[].verification_override

boolean
Conditionally returned

Allows the ACH funding source to be used regardless of its verification status.

Allowable Values:

true, false

data[].verification_status

string
Conditionally returned

The account verification status. This field is returned if it exists in the resource.

Allowable Values:

VERIFICATION_PENDING, ACH_VERIFIED, ACH_FAILED

end_index

integer
Conditionally returned

The sort order index of the last resource in the returned array.

Allowable Values:

Any integer

is_more

boolean
Conditionally returned

A value of true indicates that more unreturned resources exist.

Allowable Values:

true, false

start_index

integer
Conditionally returned

The sort order index of the first resource in the returned array.

Allowable Values:

Any integer

Sample response body
JSON
Copied

Is this helpful?

Yes
No

Create payment card source

Action: POST
Endpoint: /fundingsources/paymentcard

Create a payment card funding source for an existing account holder. This endpoint returns the card type and the last four digits of the card, and then sets the active field to true.

Marqeta retains only a tokenized representation of the card number.

Note
This endpoint is only available to its current users.
Request body
Fields Description

account_number

string
Required

Payment card account number.

Allowable Values:

16-digit number

business_token

string
Optional

Specifies the owner of the funding source. This token is required if the user_token is not included.

Allowable Values:

1–36 chars

Send a GET request to /businesses to retrieve business tokens.

cvv_number

string
Required

Payment card CVV2 number.

Allowable Values:

3–4 chars

exp_date

string
Required

Payment card expiration date.

Allowable Values:

Format: MMyy

is_default_account

boolean
Optional

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source. If you do not specify this field upon creation, the system sets it to false.

Allowable Values:

true, false

Default value:
false

postal_code

string
Optional

Postal code of the account holder (user or business).

Allowable Values:

10 char max

token

string
Optional

The unique identifier of the funding account. If you do not include a token, the system will generate one automatically. As this token is necessary for use in other calls, we recommend that you define a simple and easy to remember string rather than letting the system generate a token for you. This value cannot be updated.

Allowable Values:

1–36 chars

user_token

string
Optional

Specifies the owner of the funding source. This token is required if the business_token is not included.

Allowable Values:

1–36 chars

Send a GET request to /users to retrieve user tokens.

zip

string
Optional

ZIP code of the account holder (user or business)

Allowable Values:

10 char max

Sample request body
JSON
Copied

Is this helpful?

Yes
No
Response body
Fields Description

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of payment card account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Specifies whether the account is active.

Allowable Values:

true, false

business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

exp_date

string
Returned

Payment card expiration date.

Allowable Values:

Format: MMyy

is_default_account

boolean
Returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

Allowable Values:

true, false

last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

token

string
Returned

The unique identifier of the funding source.

Allowable Values:

Existing funding source token

type

string
Returned

The funding source type.

Allowable Values:

ACH, paymentcard

user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

Sample response body
JSON
Copied

Is this helpful?

Yes
No

Retrieve payment card source

Action: GET
Endpoint: /fundingsources/paymentcard/{funding_source_token}

Retrieve a specific payment card funding source.

Note
This endpoint is only available to its current users.
URL path parameters
Fields Description

funding_source_token

string
Required

Identifies the payment card funding source you want to retrieve.

Allowable Values:

Existing funding source token.

Send a GET request to /fundingsources/user/{user_token} to retrieve existing funding source tokens for a user or to /fundingsources/business/{business_token} to retrieve existing funding source tokens for a business.

Response body
Fields Description

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of payment card account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Specifies whether the account is active.

Allowable Values:

true, false

business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

exp_date

string
Returned

Payment card expiration date.

Allowable Values:

Format: MMyy

is_default_account

boolean
Returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls.

Allowable Values:

true, false

last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

token

string
Returned

The unique identifier of the funding source.

Allowable Values:

Existing funding source token

type

string
Returned

The funding source type.

Allowable Values:

ACH, paymentcard

user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

Sample response body
JSON
Copied

Is this helpful?

Yes
No

Update payment card source

Action: PUT
Endpoint: /fundingsources/paymentcard/{funding_source_token}

Update a payment card funding source. Only the values of parameters in the request are modified; all others are left unchanged.

Note
This endpoint is only available to its current users.
URL path parameters
Fields Description

funding_source_token

string
Required

Identifies the payment card funding source you want to retrieve.

Allowable Values:

Existing funding source token.

Send a GET request to /fundingsources/user/{user_token} to retrieve existing funding source tokens for a user or to /fundingsources/business/{business_token} to retrieve existing funding source tokens for a business.

Request body
Fields Description

active

boolean
Optional

Indicates whether the card funding source is active.

Allowable Values:

true, false

Default value:
true

exp_date

string
Required

The expiration date for the payment card.

Allowable Values:

Format: MMyy

is_default_account

boolean
Optional

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

Allowable Values:

true, false

Default value:
false

Sample request body
JSON
Copied

Is this helpful?

Yes
No
Response body
Fields Description

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of payment card account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Specifies whether the account is active.

Allowable Values:

true, false

business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

exp_date

string
Returned

Payment card expiration date.

Allowable Values:

Format: MMyy

is_default_account

boolean
Returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls.

Allowable Values:

true, false

last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

token

string
Returned

The unique identifier of the funding source.

Allowable Values:

Existing funding source token

type

string
Returned

The funding source type.

Allowable Values:

ACH, paymentcard

user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

Sample response body
JSON
Copied

Is this helpful?

Yes
No

List sources for user

Action: GET
Endpoint: /fundingsources/user/{user_token}

List funding sources associated with a specific user.

This endpoint supports field filtering.

URL path parameters
Fields Description

user_token

string
Required

Identifies the individual whose funding sources you want to list.

Allowable Values:

Existing user token

Send a GET request to /users to retrieve existing user tokens.

URL query parameters
Fields Description

type

string
Optional

The type of funding source to retrieve. Leave unspecified to return both types.

Allowable Values:

ACH, paymentcard

Default value:
unspecified (both types)

fields

string
Optional

Comma-delimited list of fields to return (field_1,field_2, and so on). Leave blank to return all fields.

Allowable Values:

Comma-delimited list of fields

Response body
Fields Description

count

integer
Conditionally returned

The number of resources to retrieve.

Allowable Values:

1-100 recommended

data

array of objects
Conditionally returned

An array of funding_account_response_model objects.

Allowable Values:

Valid data array

data[].account_suffix

string
Conditionally returned

The last four digits of the account number. This field is returned if it exists in the resource.

Allowable Values:

4 char max

data[].account_type

string
Conditionally returned

The type of account. This field is returned if it exists in the resource.

Allowable Values:

checking, savings, corporate, loan

data[].active

boolean
Conditionally returned

Specifies whether the account is active. This field is returned if it exists in the resource.

Allowable Values:

true, false

data[].business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

data[].created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].date_sent_for_verification

datetime
Conditionally returned

The date and time when the account was sent for verification, in UTC. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].date_verified

datetime
Conditionally returned

The date and time when the account was verified, in UTC. 2022-02-26T20:03:05Z, for example.

This field is returned if it exists in the resource.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].exp_date

string
Conditionally returned

Payment card expiration date. This field is returned if it exists in the resource.

Allowable Values:

Format: MMyy

data[].is_default_account

boolean
Conditionally returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls. If there is only one funding source, the system ignores this field and always uses that source.

This field is returned if it exists in the resource.

Allowable Values:

true, false

data[].last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

data[].name_on_account

string
Conditionally returned

The name on the account. This field is returned if it exists in the resource.

Allowable Values:

1–50 chars

data[].partner

string
Conditionally returned

The name of the partner who validated the account holder. Returned when the funding source was created using the /fundingsources/ach/partner endpoint.

Allowable Values:

PLAID

data[].partner_account_link_reference_token

string
Conditionally returned

Supplied by the account validation partner, this value is a reference to the account holder’s details, such as the account number and routing number. Returned when the type field is set to ach.

Allowable Values:

255 max char

data[].token

string
Conditionally returned

The unique identifier of the funding source. This field is returned if it exists in the resource.

Allowable Values:

Existing funding source token

data[].type

string
Conditionally returned

The funding source type.

Allowable Values:

ACH, paymentcard

data[].user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

data[].verification_notes

string
Conditionally returned

Free-form text field for holding notes about verification. This field is returned only if verification_override = true.

Allowable Values:

255 char max

data[].verification_override

boolean
Conditionally returned

Allows the ACH funding source to be used regardless of its verification status.

Allowable Values:

true, false

data[].verification_status

string
Conditionally returned

The account verification status. This field is returned if it exists in the resource.

Allowable Values:

VERIFICATION_PENDING, ACH_VERIFIED, ACH_FAILED

end_index

integer
Conditionally returned

The sort order index of the last resource in the returned array.

Allowable Values:

Any integer

is_more

boolean
Conditionally returned

A value of true indicates that more unreturned resources exist.

Allowable Values:

true, false

start_index

integer
Conditionally returned

The sort order index of the first resource in the returned array.

Allowable Values:

Any integer

Sample response body
JSON
Copied

Is this helpful?

Yes
No

Set default source

Action: PUT
Endpoint: /fundingsources/{funding_source_token}/default

Configure either an ACH funding source or a payment card funding source as the default funding source.

A default funding source is used when you omit the funding_source_token field from funding requests, such as a POST request to /gpaorders. Note that the first funding source you create is automatically set as the default (is_default_source=true).

URL path parameters
Fields Description

funding_source_token

string
Required

Specifies the funding source to use by default.

You can set the default only to an ACH or payment card funding source.

Allowable Values:

Existing funding source token

Send a GET request to /fundingsources/user/{user_token} to retrieve existing funding source tokens for a user or to /fundingsources/business/{business_token} to retrieve existing funding source tokens for a business.

Response body
Fields Description

account_suffix

string
Returned

The last four digits of the account number.

Allowable Values:

4 char max

account_type

string
Returned

The type of payment card account.

Allowable Values:

checking, savings, corporate, loan

active

boolean
Returned

Specifies whether the account is active.

Allowable Values:

true, false

business_token

string
Conditionally returned

The unique identifier of the business account holder. This token is returned if a user_token is not specified.

Allowable Values:

Existing business token

created_time

datetime
Returned

The date and time when the resource was created, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

exp_date

string
Returned

Payment card expiration date.

Allowable Values:

Format: MMyy

is_default_account

boolean
Returned

If there are multiple funding sources, this field specifies which source is used by default in funding calls.

Allowable Values:

true, false

last_modified_time

datetime
Returned

The date and time when the resource was last modified, in UTC. 2022-02-26T20:03:05Z, for example.

Allowable Values:

Format: yyyy-MM-ddTHH:mm:ssZ

token

string
Returned

The unique identifier of the funding source.

Allowable Values:

Existing funding source token

type

string
Returned

The funding source type.

Allowable Values:

ACH, paymentcard

user_token

string
Conditionally returned

The unique identifier of the user account holder. This token is returned if a business_token is not specified.

Allowable Values:

Existing user token

Sample response body
JSON
Copied

Is this helpful?

Yes
No
Join our developer newsletter