Skip to content

Frequently Asked Questions

Common questions and answers about using the TreasuryPath API.

Authentication

How do I get API credentials?

  1. Log into your TreasuryPath workspace
  2. Navigate to Settings → API Keys
  3. Click "Create New API Key"
  4. Copy your API key and secret (secret is only shown once)
  5. Store credentials securely

How long do JWT tokens last?

JWT tokens expire after 24 hours. You'll need to refresh them using your API credentials before they expire.

Can I use the same API credentials in multiple applications?

Yes, but we recommend creating separate API keys for each application or environment for better security and easier management.

Payments

What payment methods are supported?

TreasuryPath supports various payment methods depending on your bank account's routing details. See our Payment Methods Guide for a complete list.

How long do payments take to process?

Processing times vary by payment method: - ACH: 1-3 business days - Wire transfers: Same day (if submitted before cutoff) - Faster payments (UK): Near-instant - FedNow (US): Near-instant

Can I cancel a payment after it's created?

Payments can only be cancelled if they haven't started processing. Once a payment enters "processing" status, it cannot be cancelled.

What happens if a payment fails?

Failed payments will have a status of "failed" with a reason code. Common reasons include insufficient funds, invalid account details, or compliance issues. You can retry the payment after addressing the issue.

Bank Accounts

Why can't I see all my bank accounts?

The API only returns bank accounts that: - Are successfully connected and verified - Belong to the specified company - You have permission to access

How often are bank account balances updated?

Balances are updated when: - You manually refresh the account - A payment is processed - During scheduled daily updates (varies by institution)

Can I add bank accounts via the API?

Currently, bank accounts must be added through the TreasuryPath dashboard. API access is read-only for security reasons.

Rate Limits

What are the rate limits?

Standard rate limits are: - 100 requests per minute per API key - 1,000 requests per hour per API key - 10,000 requests per day per API key

What happens when I hit rate limits?

You'll receive a 429 Too Many Requests response with a retry_after field indicating when you can make the next request.

Can I request higher rate limits?

Yes, contact support to discuss your use case and we can adjust limits accordingly.

Webhooks

How reliable are webhooks?

Webhooks are delivered with high reliability, but you should implement idempotent processing as you may receive duplicate events.

What if my webhook endpoint is down?

TreasuryPath will retry failed webhooks up to 5 times with exponential backoff over several hours.

Can I replay missed webhooks?

Currently, webhook replay isn't available through the API. Contact support if you need to replay specific events.

Security

How do I verify webhook signatures?

Use the webhook secret to verify HMAC-SHA256 signatures. See our Webhooks Guide for implementation examples.

Should I store API secrets in my code?

Never store API secrets in your code or version control. Use environment variables or secure secret management systems.

What IP addresses do webhooks come from?

Webhooks are sent from these IP ranges: - 52.86.224.0/20 - 35.174.128.0/20

You can whitelist these ranges in your firewall if needed.

Troubleshooting

I'm getting 401 Unauthorized errors

Common causes: - Expired JWT token - refresh using your API credentials - Invalid API credentials - verify key and secret - Missing Authorization header - include Bearer {token}

My requests are timing out

  • Check our status page for service issues
  • Increase your client timeout (we recommend 30+ seconds)
  • Implement retry logic with exponential backoff

I'm getting validation errors

  • Check the error details for specific field issues
  • Verify your request matches the API documentation
  • Ensure all required fields are provided

Development

Is there a sandbox environment?

Yes, we provide a sandbox environment for testing. Contact support for access details.

Can I test webhooks locally?

Use tools like ngrok to expose your local development server to receive webhooks during testing.

Are there SDKs available?

We currently provide examples in multiple languages. Official SDKs are coming soon.

Billing and Limits

Are there transaction limits?

Transaction limits vary by account type and verification level. Check your workspace settings for current limits.

How is API usage billed?

API usage is included in your TreasuryPath subscription. High-volume usage may have additional fees - contact sales for details.

Getting Help

Still have questions?

  • Check our API Reference for detailed documentation
  • Contact support at support@treasurypath.com
  • Join our developer community on Discord
  • Schedule a call with our integration team