Payment Flows

Multi-step automation on reconciled deposits: a trigger + conditions run an ordered list of actions (hold / release / notify / flag), with an audit trail.

Programmable, multi-step automation on reconciled deposits — the evolution of Money Rules. A flow is a trigger (deposit / overpaid / underpaid / fully-paid / high-risk) plus optional conditions (min amount, min risk) that runs an ordered list of actions (hold → release → notify → flag). Every run is recorded so you can audit exactly what fired and why.

Runs after reconciliation commits

Like Money Rules, flows execute post-commit and fully isolated — a flow can never change how a deposit was classified, and a failing action never aborts the others or the reconciliation.

Actions are idempotent

Each action reuses an existing primitive (Hold → escrow, Release → escrow release, Notify/Flag → webhook event) and is safe to re-run — e.g. Hold is a no-op if the account is already held.

Build them in the dashboard

Flows have a no-code builder under Flows in the dashboard; this API is the same surface for programmatic management.
get/api/v1/flows

List the tenant's flows (with their ordered actions).

Requires Bearer token

Responses

200OK
GET /api/v1/flows
curl -X GET "https://api.xental.online/api/v1/flows" \
  -H "Authorization: Bearer <API_TOKEN>"
post/api/v1/flows

Create a flow.

Creates a flow. actions is an ordered array run top-to-bottom; priority orders flows against each other. minAmountKobo and minRiskScore are optional gates.

Requires Bearer token

Body parameters

namestringoptional
triggerstringoptional
actionsstring[]optional
minAmountKobointegeroptional
minRiskScoreintegeroptional
priorityintegeroptional

Responses

201Created400Bad Request
POST /api/v1/flows
curl -X POST "https://api.xental.online/api/v1/flows" \
  -H "Authorization: Bearer <API_TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Ada Lovelace",
    "priority": 0
  }'
Example request body
{
  "name": "Ada Lovelace",
  "priority": 0
}
get/api/v1/flows/runs

The most recent flow-run audit entries.

The audit trail — one row per flow that fired for a deposit, with a human-readable outcome per action.

Requires Bearer token

Query parameters

takeintegeroptional

Responses

200OK
GET /api/v1/flows/runs
curl -X GET "https://api.xental.online/api/v1/flows/runs" \
  -H "Authorization: Bearer <API_TOKEN>"
get/api/v1/flows/{id}

Get a single flow by id.

Requires Bearer token

Path parameters

idstringrequired

Responses

200OK404Not Found
GET /api/v1/flows/{id}
curl -X GET "https://api.xental.online/api/v1/flows/:id" \
  -H "Authorization: Bearer <API_TOKEN>"
put/api/v1/flows/{id}

Replace a flow's configuration.

Requires Bearer token

Path parameters

idstringrequired

Body parameters

namestringoptional
triggerstringoptional
actionsstring[]optional
minAmountKobointegeroptional
minRiskScoreintegeroptional
priorityintegeroptional

Responses

200OK404Not Found
PUT /api/v1/flows/{id}
curl -X PUT "https://api.xental.online/api/v1/flows/:id" \
  -H "Authorization: Bearer <API_TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Ada Lovelace",
    "priority": 0
  }'
Example request body
{
  "name": "Ada Lovelace",
  "priority": 0
}
delete/api/v1/flows/{id}

Delete a flow.

Requires Bearer token

Path parameters

idstringrequired

Responses

204No Content404Not Found
DELETE /api/v1/flows/{id}
curl -X DELETE "https://api.xental.online/api/v1/flows/:id" \
  -H "Authorization: Bearer <API_TOKEN>"
post/api/v1/flows/{id}/enabled

Enable or disable a flow.

Requires Bearer token

Path parameters

idstringrequired

Body parameters

enabledbooleanoptional

Responses

204No Content404Not Found
POST /api/v1/flows/{id}/enabled
curl -X POST "https://api.xental.online/api/v1/flows/:id/enabled" \
  -H "Authorization: Bearer <API_TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{
    "enabled": false
  }'
Example request body
{
  "enabled": false
}