GET
/
api
/
v2.1
/
fintrans
/
{accountId}
/
allowed-operations
{
  "data": {
    "operations": [
      {
        "type": "<string>",
        "enabled": true,
        "limits": {
          "minAmount": "<string>",
          "maxAmount": "<string>",
          "dailyLimit": "<string>",
          "monthlyLimit": "<string>"
        },
        "consentRequired": true,
        "activeConsents": 123
      }
    ],
    "beneficiaries": {
      "total": 123,
      "active": 123,
      "currencies": [
        {}
      ]
    },
    "account": {
      "balances": {
        "available": "<string>",
        "current": "<string>",
        "locked": "<string>"
      },
      "currency": "<string>",
      "status": "<string>"
    }
  }
}

Overview

The Allowed Operations endpoint is the first step in the three-step transfer flow. It returns available financial operations for an account based on:
  • Account categorization and limits
  • Available beneficiaries
  • Active payment consents
  • Enabled features
This endpoint helps determine what operations can be performed before initiating a transaction.

Path Parameters

accountId
string
required
The wallet/account ID

Headers

Authorization
string
required
Bearer token for authentication
X-Tenant-ID
string
required
Tenant identifier for multi-tenant operations
X-Session-Id
string
Session ID for transaction tracking

Response

data
object
Allowed operations details

Example Request

curl --request GET \
  --url https://api.finhub.cloud/api/v2.1/fintrans/wal_abc123def456/allowed-operations \
  --header 'Authorization: Bearer YOUR_TOKEN' \
  --header 'X-Tenant-ID: fh_api_finsei_ltd_7f957f77' \
  --header 'X-Session-Id: sess_xyz789'
```text`n## Example Response

```json
{
  "data": {
    "operations": [
      {
        "type": "transfer",
        "enabled": true,
        "limits": {
          "minAmount": "1.00",
          "maxAmount": "10000.00",
          "dailyLimit": "20000.00",
          "monthlyLimit": "50000.00"
        },
        "consentRequired": true,
        "activeConsents": 2
      },
      {
        "type": "withdraw",
        "enabled": true,
        "limits": {
          "minAmount": "10.00",
          "maxAmount": "5000.00",
          "dailyLimit": "10000.00",
          "monthlyLimit": "30000.00"
        },
        "consentRequired": false,
        "activeConsents": 0
      },
      {
        "type": "topup",
        "enabled": true,
        "limits": {
          "minAmount": "10.00",
          "maxAmount": "50000.00",
          "dailyLimit": "100000.00",
          "monthlyLimit": "500000.00"
        },
        "consentRequired": false,
        "activeConsents": 0
      }
    ],
    "beneficiaries": {
      "total": 5,
      "active": 4,
      "currencies": ["EUR", "USD"]
    },
    "account": {
      "balances": {
        "available": "15000.00",
        "current": "15500.00",
        "locked": "500.00"
      },
      "currency": "EUR",
      "status": "ACTIVE"
    }
  }
}
```text`n## Operation Types

### Transfer
- **Description**: Send money to beneficiaries
- **Requirements**: Active beneficiaries, sufficient balance
- **Consent**: Usually required for beneficiary restrictions

### Withdraw
- **Description**: Withdraw funds to external account
- **Requirements**: Verified account, withdrawal method
- **Consent**: Optional based on configuration

### Topup
- **Description**: Add funds to the account
- **Requirements**: Funding source
- **Consent**: Not typically required

## Limit Calculation

Limits are determined by:

1. **Category Limits** - From customer categorization
2. **Consent Limits** - From active payment consents
3. **Account Balance** - Available funds
4. **Regulatory Limits** - Compliance requirements

The most restrictive limit applies.

## Consent Requirements

Operations may require consent when:
- Beneficiary restrictions are enabled
- Transaction limits need to be defined
- Regulatory compliance requires it

Check `consentRequired` field to determine if consent is needed.

## Usage Example

```javascript
// Step 1: Get allowed operations
const allowedOps = await fetch(
  `${baseUrl}/api/v2.1/fintrans/${walletId}/allowed-operations`,
  {
    headers: {
      'Authorization': `Bearer ${token}`,
      'X-Tenant-ID': tenantId
    }
  }
);

const opsData = await allowedOps.json();

// Check if transfers are allowed
const transferOp = opsData.data.operations.find(op => op.type === 'transfer');

if (transferOp && transferOp.enabled) {
  // Check if consent is required
  if (transferOp.consentRequired && transferOp.activeConsents === 0) {
    // Create payment consent first
    await createPaymentConsent({
      paymentType: 'TRANSFER',
      // ... consent parameters
    });
  }
  
  // Proceed to prepare transfer
  const preparedTransfer = await prepareTransfer({
    // ... transfer parameters
  });
}
```text`n## Error Scenarios

| Scenario | Response | Action Required |
|----------|----------|-----------------|
| No active beneficiaries | `transfer.enabled = false` | Add beneficiaries first |
| Insufficient balance | Reduced limits | Top up account |
| No active consent | `consentRequired = true` | Create payment consent |
| Account blocked | All operations disabled | Contact support |

## PowerShell Script Example

```powershell
# Get allowed operations for the wallet
try {
    # Use fintrans API endpoint
    $allowedOpsUrl = "$baseUrl/api/v2.1/fintrans/$walletId/allowed-operations"
    
    # Create headers with authentication
    $headers = @{
        "Authorization" = "Bearer $token"
        "Accept"        = "application/json"
        "X-Tenant-Id"   = $xTenantId
        "X-Session-Id"  = $sessionId
    }
    
    $allowedOpsResponse = Invoke-RestMethod -Uri $allowedOpsUrl -Method Get -Headers $headers
    
    if ($allowedOpsResponse.data) {
        Write-Host "Allowed operations for wallet: $walletId" -ForegroundColor Green
        Write-Host "================================" -ForegroundColor Green
        
        # Display operation details
        foreach ($operation in $allowedOpsResponse.data.operations) {
            Write-Host "`nOperation: $($operation.type)" -ForegroundColor Yellow
            Write-Host "  Enabled: $($operation.enabled)" -ForegroundColor White
            
            if ($operation.limits) {
                Write-Host "  Limits:" -ForegroundColor Cyan
                if ($operation.limits.maxAmount) {
                    Write-Host "    Max amount: $($operation.limits.maxAmount)" -ForegroundColor White
                }
                if ($operation.limits.dailyLimit) {
                    Write-Host "    Daily limit: $($operation.limits.dailyLimit)" -ForegroundColor White
                }
                if ($operation.limits.monthlyLimit) {
                    Write-Host "    Monthly limit: $($operation.limits.monthlyLimit)" -ForegroundColor White
                }
            }
            
            if ($operation.consentRequired) {
                Write-Host "  Consent: REQUIRED" -ForegroundColor Red
                Write-Host "    Active consents: $($operation.activeConsents)" -ForegroundColor White
            }
        }
        
        # Check beneficiaries
        if ($allowedOpsResponse.data.beneficiaries) {
            $benData = $allowedOpsResponse.data.beneficiaries
            Write-Host "`nBeneficiaries:" -ForegroundColor Cyan
            Write-Host "  Total: $($benData.total)" -ForegroundColor White
            Write-Host "  Active: $($benData.active)" -ForegroundColor White
            Write-Host "  Currencies: $($benData.currencies -join ', ')" -ForegroundColor White
        }
        
        # Check account status
        if ($allowedOpsResponse.data.account) {
            $accData = $allowedOpsResponse.data.account
            Write-Host "`nAccount Status:" -ForegroundColor Cyan
            Write-Host "  Status: $($accData.status)" -ForegroundColor White
            Write-Host "  Currency: $($accData.currency)" -ForegroundColor White
            if ($accData.balances) {
                Write-Host "  Available: $($accData.balances.available)" -ForegroundColor Green
                Write-Host "  Current: $($accData.balances.current)" -ForegroundColor White
                Write-Host "  Locked: $($accData.balances.locked)" -ForegroundColor Yellow
            }
        }
        
        # Check specific operation availability
        $transferOp = $allowedOpsResponse.data.operations | Where-Object { $_.type -eq "transfer" -and $_.enabled -eq $true }
        if ($transferOp) {
            Write-Host "`nTransfer operations are ENABLED" -ForegroundColor Green
            $script:transferLimits = $transferOp.limits
            
            if ($transferOp.consentRequired -and $transferOp.activeConsents -eq 0) {
                Write-Host "  WARNING: Payment consent required but none active!" -ForegroundColor Yellow
            }
        } else {
            Write-Host "`nTransfer operations are DISABLED" -ForegroundColor Red
        }
        
        # Save allowed operations for reference
        $allowedOpsFile = "./allowed_operations_$(Get-Date -Format 'yyyyMMddHHmmss').json"
        $allowedOpsResponse | ConvertTo-Json -Depth 5 | Set-Content -Path $allowedOpsFile
        Write-Host "`nAllowed operations saved to: $allowedOpsFile" -ForegroundColor Green
    }
    else {
        Write-Host "No allowed operations found for wallet: $walletId" -ForegroundColor Yellow
    }
}
catch {
    Write-Host "Failed to get allowed operations: $($_.Exception.Message)" -ForegroundColor Red
    
    # Handle specific errors
    if ($_.Exception.Response.StatusCode -eq 403) {
        Write-Host "  Insufficient permissions or wallet not active" -ForegroundColor Yellow
    }
}
```text`n## Next Steps

After checking allowed operations:

1. [Create Payment Consent](/latest/api-reference/v2.1/fintrans/create-payment-consent) - If required
2. [Prepare Order](/latest/api-reference/v2.1/fintrans/prepare-order) - Validate and calculate fees
3. [Execute Order](/latest/api-reference/v2.1/fintrans/execute-order) - Complete the transaction

## Related Endpoints

- [Get Beneficiaries](/latest/api-reference/v2.1/fintrans/get-beneficiaries) - View available recipients
- [Get Account Balance](/latest/api-reference/v2.1/wallet/get-balance) - Check current balance
- [Get Active Consents](/latest/api-reference/v2.1/consent/get-payment-consents) - View consent status