Package-level declarations
Types
A response containing a list of transactions
Retrieve a list of transactions across all public accounts.
Response containing multiple transaction types
Retrieve a single transaction
Response containing multiple transaction types
Type of account financial account
Create an account holder and initiate the appropriate onboarding workflow. Account holders and accounts have a 1:1 relationship. When an account holder is successfully created an associated account is also created. All calls to this endpoint will return a synchronous response. The response time will depend on the workflow. In some cases, the response may indicate the workflow is under review or further action will be needed to complete the account creation process. This endpoint can only be used on accounts that are part of the program that the calling API key manages.
Retrieve the status of account holder document uploads, or retrieve the upload URLs to process your image uploads.
Get a list of individual or business account holders and their KYC or KYB evaluation status.
Check the status of an account holder document upload, or retrieve the upload URLs to process your image uploads.
Get an Individual or Business Account Holder and/or their KYC or KYB evaluation status.
Simulates a review for an account holder document upload.
Simulates an enrollment review for an account holder. This endpoint is only applicable for workflows that may required intervention such as KYB_BASIC.
Update the information associated with a particular account holder (including business owners and control persons associated to a business account). If Lithic is performing KYB or KYC and additional verification is required we will run the individual's or business's updated information again and return whether the status is accepted or pending (i.e., further action required). All calls to this endpoint will return a synchronous response. The response time will depend on the workflow. In some cases, the response may indicate the workflow is under review or further action will be needed to complete the account creation process. This endpoint can only be used on existing accounts that are part of the program that the calling API key manages.
Use this endpoint to identify which type of supported government-issued documentation you will upload for further verification. It will return two URLs to upload your document images to - one for the front image and one for the back image.
List account configurations.
Get account configuration such as spend limits.
Get an Account's available spend limits, which is based on the spend limit configured on the Account and the amount already spent over the spend limit's duration. For example, if the Account has a daily spend limit of
$1000 configured, and has spent $
600 in the last 24 hours, the available spend limit returned would be $400.Update account configuration such as state or spend limits. Can only be run on accounts that are part of the program managed by this API key. Accounts that are in the PAUSED state will not be able to transact or create new cards.
Aggregate Balance across all end-user accounts
Get the aggregated balance across all end-user accounts by financial account type
Card Aggregate Balance across all end-user accounts
Represents a 3DS authentication
Associates a V2 Auth rule with a card program, the provided account(s) or card(s).
Initiates a request to asynchronously generate a backtest for an Auth rule. During backtesting, both the active version (if one exists) and the draft version of the Auth Rule are evaluated by replaying historical transaction data against the rule's conditions. This process allows customers to simulate and understand the effects of proposed rule changes before deployment. The generated backtest report provides detailed results showing whether the draft version of the Auth Rule would have approved or declined historical transactions which were processed during the backtest period. These reports help evaluate how changes to rule configurations might affect overall transaction approval rates.
Returns the backtest results of an Auth rule (if available).
Creates a new V2 Auth rule in draft mode
Deletes a V2 Auth rule
Creates a new draft version of a rule that will be ran in shadow mode.
Lists V2 Auth rules
Promotes the draft version of an Auth rule to the currently active version such that it is enforced in the respective stream.
This endpoint is deprecated and will be removed in the future. Requests a performance report of an Auth rule to be asynchronously generated. Reports can only be run on rules in draft or active mode and will included approved and declined statistics as well as examples. The generated report will be delivered asynchronously through a webhook with event_type = auth_rules.performance_report.created. See the docs on setting up webhook subscriptions.
Fetches the current calculated Feature values for the given Auth Rule
Fetches a V2 Auth rule by its token
Retrieves a performance report for an Auth rule containing daily statistics and evaluation outcomes.
Updates a V2 Auth rule's properties
Retrieve the ASA HMAC secret key. If one does not exist for your program yet, calling this endpoint will create one for you. The headers (which you can use to verify webhooks) will begin appearing shortly after calling this endpoint for the first time. See this page for more detail about verifying ASA webhooks.
Generate a new ASA HMAC secret key. The old ASA HMAC secret key will be deactivated 24 hours after a successful request to this endpoint. Make a GET /auth_stream/secret request to retrieve the new secret key.
Get the balances for a program, business, or a given end-user account
Balance of a Financial Account
Book transfer funds between two financial accounts or between a financial account and card
List book transfers
Get book transfer by token
Reverse a book transfer
Get the aggregated card balance across all end-user accounts.
Get the balances for a given card.
Convert a virtual card into a physical card and manufacture it. Customer must supply relevant fields for physical card creation including product_id, carrier, shipping_method, and shipping_address. The card token will be unchanged. The card's type will be altered to PHYSICAL. The card will be set to state PENDING_FULFILLMENT and fulfilled at next fulfillment cycle. Virtual cards created on card programs which do not support physical cards cannot be converted. The card program cannot be changed as part of the conversion. Cards must be in an OPEN state to be converted. Only applies to cards of type VIRTUAL (or existing cards with deprecated types of DIGITAL_WALLET and UNLOCKED).
Create a new virtual or physical card. Parameters shipping_address and product_id only apply to physical cards.
Handling full card PANs and CVV codes requires that you comply with the Payment Card Industry Data Security Standards (PCI DSS). Some clients choose to reduce their compliance obligations by leveraging our embedded card UI solution documented below.
List the financial transactions for a given card.
Get the card financial transaction for the provided token.
List cards.
List card programs.
Get card program.
Allow your cardholders to directly add payment cards to the device's digital wallet (e.g. Apple Pay) with one touch from your app.
Initiate print and shipment of a duplicate physical card (e.g. card is physically damaged). The PAN, expiry, and CVC2 will remain the same and the original card can continue to be used until the new card is activated. Only applies to cards of type PHYSICAL. A card can be reissued or renewed a total of 8 times.
Applies to card types PHYSICAL and VIRTUAL. For PHYSICAL, creates a new card with the same card token and PAN, but updated expiry and CVC2 code. The original card will keep working for card-present transactions until the new card is activated. For card-not-present transactions, the original card details (expiry, CVC2) will also keep working until the new card is activated. A PHYSICAL card can be reissued or renewed a total of 8 times. For VIRTUAL, the card will retain the same card token and PAN and receive an updated expiry and CVC2 code. product_id, shipping_method, shipping_address, carrier are only relevant for renewing PHYSICAL cards.
Get card configuration such as spend limit and state.
Get a Card's available spend limit, which is based on the spend limit configured on the Card and the amount already spent over the spend limit's duration. For example, if the Card has a monthly spend limit of
$1000 configured, and has spent $
600 in the last month, the available spend limit returned would be $400.Get card configuration such as spend limit and state. Customers must be PCI compliant to use this endpoint. Please contact [email protected] for questions. Note: this is a POST endpoint because it is more secure to send sensitive data in a request body than in a URL.
Update the specified properties of the card. Unsupplied properties will remain unchanged.
Allow your cardholders to directly add payment cards to the device's digital wallet from a browser on the web. Currently only suported for Apple Pay.
Response from Card Program to a 3DS Authentication challenge
Whether the Cardholder has approved or declined the issued Challenge
Status of api
The attribute to target.
Get the extended credit for a given credit product under a program
Post Credit Product Prime Rate
Get Credit Product Prime Rates
List digital card art.
Get digital card art by token.
Initiate a dispute.
Soft delete evidence for a dispute. Evidence will not be reviewed or submitted by Lithic after it is withdrawn.
Withdraw dispute.
Dispute evidence.
Use this endpoint to upload evidences for the dispute. It will return a URL to upload your documents to. The URL will expire in 30 minutes.
List evidence metadata for a dispute.
List disputes.
Get a dispute's evidence metadata.
Get dispute.
Update dispute. Can only be modified if status is NEW.
Resend an event to an event subscription.
List all the message attempts for a given event.
List all events.
Get an event.
A subscription to specific event types.
Create a new event subscription.
Delete an event subscription.
List all the message attempts for a given event subscription.
List all the event subscriptions.
Resend all failed messages since a given time.
Replays messages to the endpoint. Only messages that were created after begin will be sent. Messages that were previously sent to the endpoint are not resent. Message will be retried if endpoint responds with a non-2xx status code. See Retry Schedule for details.
Get an event subscription.
Get the secret for an event subscription.
Rotate the secret for an event subscription. The previous secret will be valid for the next 24 hours.
Send an example message for event.
Update an event subscription.
Creates an external bank account within a program or Lithic account.
List all the external bank accounts for the provided search criteria.
Verify the external bank account by providing the micro deposit amounts.
Get the external bank account by token.
Retry external bank account micro deposit verification.
Retry external bank account prenote verification.
Update the external bank account by token.
Cancel external payment
Create external payment
List external payments
Release external payment
Get external payment
Reverse external payment
Settle external payment
External resource associated with the management operation
Type of external resource associated with the management operation
Get the balances for a given financial account.
Create a new financial account
Get an Account's credit configuration
Update an account's credit configuration
Retrieve information on your financial accounts including routing and account number.
List the loan tapes for a given financial account.
Get a specific loan tape for a given financial account.
Register account number
Get a financial account
List the line items for a given statement within a given financial account.
List the statements for a given financial account.
Get a specific statement for a given financial account.
Update a financial account
Update financial account status
List the financial transactions for a given financial account.
Get the financial transaction for the provided token.
Report fraud for a specific transaction token by providing details such as fraud type, fraud status, and any additional comments.
Retrieve a fraud report for a specific transaction identified by its unique transaction token.
Get all funding events for program
Get funding event details by id
Get funding event for program by id
Type of instance financial account
Create management operation
List management operations
Get management operation
Reverse a management operation
A subscription to specific event types.
List network programs.
Get network program.
Card details without PCI information
Initiates a payment between a financial account and an external bank account.
List all the payments for the provided search criteria.
Get the payment by token.
Retry an origination which has been returned.
Simulate payment lifecycle event
Simulates a receipt of a Payment.
Simulates a release of a Payment.
Simulates a return of a Payment.
List details.
List network total records with optional filters. Not available in sandbox.
Retrieve a specific network total record by token. Not available in sandbox.
Get the settlement report for a specified report date. Not available in sandbox.
Check the status of a responder endpoint
Enroll a responder endpoint
Disenroll a responder endpoint
Spend limit duration values:
Get 3DS Authentication by token
Endpoint for simulating entering OTP into 3DS Challenge UI. A call to /v1/three_ds_authentication/simulate that resulted in triggered SMS-OTP challenge must precede. Only a single attempt is supported; upon entering OTP, the challenge is either approved or declined.
Simulates a 3DS authentication request from the payment network as if it came from an ACS. If you're configured for 3DS Customer Decisioning, simulating authentications requires your customer decisioning endpoint to be set up properly (respond with a valid JSON). If the authentication decision is to challenge, ensure that the account holder associated with the card transaction has a valid phone number configured to receive the OTP code via SMS.
Card program's response to a 3DS Challenge Request. Challenge Request is emitted as a webhook three_ds_authentication.challenge and your Card Program needs to be configured with Out of Band (OOB) Challenges in order to receive it (see https://docs.lithic.com/docs/3ds-challenge-flow for more information).
Retrieve the 3DS Decisioning HMAC secret key. If one does not exist for your program yet, calling this endpoint will create one for you. The headers (which you can use to verify 3DS Decisioning requests) will begin appearing shortly after calling this endpoint for the first time. See this page for more detail about verifying 3DS Decisioning requests.
Generate a new 3DS Decisioning HMAC secret key. The old secret key will be deactivated 24 hours after a successful request to this endpoint. Make a GET /three_ds_decisioning/secret request to retrieve the new secret key.
This endpoint is used to ask the card network to activate a tokenization. A successful response indicates that the request was successfully delivered to the card network. When the card network activates the tokenization, the state will be updated and a tokenization.updated event will be sent. The endpoint may only be used on digital wallet tokenizations with status INACTIVE, PENDING_ACTIVATION, or PENDING_2FA. This will put the tokenization in an active state, and transactions will be allowed. Reach out at lithic.com/contact for more information.
This endpoint is used to ask the card network to deactivate a tokenization. A successful response indicates that the request was successfully delivered to the card network. When the card network deactivates the tokenization, the state will be updated and a tokenization.updated event will be sent. Authorizations attempted with a deactivated tokenization will be blocked and will not be forwarded to Lithic from the network. Deactivating the token is a permanent operation. If the target is a digital wallet tokenization, it will be removed from its device. Reach out at lithic.com/contact for more information.
Retrieve the Tokenization Decisioning secret key. If one does not exist your program yet, calling this endpoint will create one for you. The headers of the Tokenization Decisioning request will contain a hmac signature which you can use to verify requests originate from Lithic. See this page for more detail about verifying Tokenization Decisioning requests.
Generate a new Tokenization Decisioning secret key. The old Tokenization Decisioning secret key will be deactivated 24 hours after a successful request to this endpoint.
List card tokenizations
This endpoint is used to ask the card network to pause a tokenization. A successful response indicates that the request was successfully delivered to the card network. When the card network pauses the tokenization, the state will be updated and a tokenization.updated event will be sent. The endpoint may only be used on tokenizations with status ACTIVE. A paused token will prevent merchants from sending authorizations, and is a temporary status that can be changed. Reach out at lithic.com/contact for more information.
This endpoint is used to ask the card network to send another activation code to a cardholder that has already tried tokenizing a card. A successful response indicates that the request was successfully delivered to the card network. The endpoint may only be used on Mastercard digital wallet tokenizations with status INACTIVE, PENDING_ACTIVATION, or PENDING_2FA. The network will send a new activation code to the one of the contact methods provided in the initial tokenization flow. If a user fails to enter the code correctly 3 times, the contact method will not be eligible for resending the activation code, and the cardholder must restart the provision process. Reach out at lithic.com/contact for more information.
Get tokenization
This endpoint is used to simulate a card's tokenization in the Digital Wallet and merchant tokenization ecosystem.
This endpoint is used to ask the card network to unpause a tokenization. A successful response indicates that the request was successfully delivered to the card network. When the card network unpauses the tokenization, the state will be updated and a tokenization.updated event will be sent. The endpoint may only be used on tokenizations with status PAUSED. This will put the tokenization in an active state, and transactions may resume. Reach out at lithic.com/contact for more information.
This endpoint is used update the digital card art for a digital wallet tokenization. A successful response indicates that the card network has updated the tokenization's art, and the tokenization's digital_cart_art_token field was updated. The endpoint may not be used on tokenizations with status DEACTIVATED. Note that this updates the art for one specific tokenization, not all tokenizations for a card. New tokenizations for a card will be created with the art referenced in the card object's digital_card_art_token field. Reach out at lithic.com/contact for more information.
Get all L2/L3 enhanced commercial data associated with a transaction. Not available in sandbox.
Get L2/L3 enhanced commercial data associated with a transaction event. Not available in sandbox.
Expire authorization
List card transactions. All amounts are in the smallest unit of their respective currency (e.g., cents for USD) and inclusive of any acquirer fees.
Get a specific card transaction. All amounts are in the smallest unit of their respective currency (e.g., cents for USD).
Simulates an authorization advice from the card network as if it came from a merchant acquirer. An authorization advice changes the pending amount of the transaction.
Simulates an authorization request from the card network as if it came from a merchant acquirer. If you are configured for ASA, simulating authorizations requires your ASA client to be set up properly, i.e. be able to respond to the ASA request with a valid JSON. For users that are not configured for ASA, a daily transaction limit of $5000 USD is applied by default. You can update this limit via the update account endpoint.
Clears an existing authorization, either debit or credit. After this event, the transaction transitions from PENDING to SETTLED status.
Simulates a credit authorization advice from the card network. This message indicates that the network approved a credit authorization on your behalf.
Simulates a credit authorization advice from the card network. This message indicates that the network approved a credit authorization on your behalf.
Returns, or refunds, an amount back to a card. Returns simulated via this endpoint clear immediately, without prior authorization, and result in a SETTLED transaction status.
Reverses a return, i.e. a credit transaction with a SETTLED status. Returns can be financial credit authorizations, or credit authorizations that have cleared.
Voids a pending authorization. If amount is not set, the full amount will be voided. Can be used on partially voided transactions but not partially cleared transactions. Simulating an authorization expiry on credit authorizations or credit authorization advice is not currently supported but will be added soon.
Transfer funds between two financial accounts or between a financial account and card
DEPRECATED: This has been deprecated in favor of the Trailing Window Objects