Accessing the API



To access Finicity's API, the machine connecting to the API must be located inside the United States or Canada. TLS 1.2 or higher is required for all requests to the API.

Building the URL to Call a Service

The base URL for calling the Finicity API is:

To access any API service, append the service’s path to the base URL. For example, the path for the service Partner Authentication is:


Therefore, the complete URL for Partner Authentication is:


Request Headers

HTTP requests sent to the Finicity API require two HTTP headers:

    Finicity-App-Key: {from Developer Portal}
    Finicity-App-Token: {access token returned from Partner Authentication}

(Finicity-App-Token is not required on calls to Partner Authentication or Modify Partner Secret.)

All requests using POST or PUT with an XML body require an additional header:

    Content-Type: application/xml

A POST method that has no body (such as Refresh Customer Accounts) requires the header:

    Content-Length: 0

Have more questions? Submit a request


  • Avatar
    Dave Cottrell

    I can test the api with you online testing tool, but if I try to run the some command on my machine with curl I get errors trying to connect:

    • Hostname was NOT found in DNS cache
    • Trying
    • connect to port 443 failed: Connection timed out
    • Failed to connect to port 443: Connection timed out
    • Closing connection 0 curl: (7) Failed to connect to port 443: Connection timed out
  • Avatar

    Access to the direct API is limited by additional security layers that must be setup for you to start using the raw API. In addition to passing a security review, we require that your IP address be whitelisted. Contact Finicity Support to undergo your security review and have your IP Address whitelisted.

  • Avatar
    Chip Whitmer

    Note that IP whitelisting is no longer required for access to the API.

Powered by Zendesk