Authentication

All API endpoints (except GET /health) require a Bearer token in the Authorization header.

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.finta.io/v2/me

API keys start with the finta_ prefix. Generate and manage them from API settings.

Verify your key

Call GET /me to confirm your key is valid and Storage Mode is enabled:

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.finta.io/v2/me

{
  "userId": "550e8400-e29b-41d4-a716-446655440000",
  "email": "you@example.com",
  "storageMode": true
}

If Storage Mode is off, the response will be 403 STORAGE_MODE_REQUIRED. Enable it from Data settings or by creating a new API key (which enables it automatically).

Account scope

Each API key can be scoped to a subset of your bank accounts. When a key has a restricted scope, requests for accounts outside that scope return 404 NOT_FOUND — the same response as if the resource does not exist — to avoid leaking that the account exists. A key with no scope restriction can access all of your accounts, including any you add in the future. See API Keys for how to configure scope.

​Verify your key

​Account scope

Verify your key

Account scope