Contact Treasury

SinglePoint API Access — Programmatic Treasury Integration

The SinglePoint API is the programmatic layer for developers building custom treasury workflows, embedded finance applications, and real-time cash management dashboards. REST endpoints authenticated with OAuth 2.0 return JSON for account balances, transaction history, ACH origination, wire initiation, positive pay decisions, and report generation. Webhooks push event notifications to your application when balances cross thresholds, payments change state, or exceptions require attention.

Developers start in the sandbox environment with test credentials issued immediately after registration. Test accounts, simulated balances, and mock transaction flows let applications verify state machines before production deployment without touching real payment rails. Rate limits start at 60 requests per minute per client with elevation available for production clients running at higher volume. Every request returns structured error codes, consistent pagination, and HATEOAS-style links so client libraries handle responses predictably across endpoints.

Request API Access ERP Integration
SinglePoint API console showing OAuth client registration, endpoint catalog, webhook subscriptions, and sandbox test data

SinglePoint API — Developer Reference Summary

  • Authentication: OAuth 2.0 client credentials flow; authorization code flow with PKCE for user-delegated access
  • Base URLs: api.kohkypeht-nugopac.co.com (production), api-sandbox.kohkypeht-nugopac.co.com (testing)
  • Endpoints: accounts, transactions, balances, payments (ACH, wire), positive pay, reports, webhooks
  • Webhooks: HMAC SHA-256 signed payloads, 24-hour exponential backoff retry, delivery logs in console
  • Rate limits: 60 req/min read, 30 req/min payment origination; elevated quotas for enterprise clients
  • Response format: JSON with consistent pagination cursors, error codes, and HATEOAS links
  • Sandbox: mirrors production API surface with test data, resets daily, no real payment rail impact

OAuth 2.0 Authentication and Request Flow

Every SinglePoint API request carries an OAuth 2.0 bearer token. The authentication flow differs between server-to-server integrations and user-delegated access.

Client Credentials for Server-to-Server

Backend integrations — nightly ERP syncs, automated payment origination, scheduled report retrieval — use the OAuth 2.0 client credentials flow. Register the application through the API console under the enterprise admin role to receive a client_id and client_secret. POST to /oauth/token with grant_type=client_credentials, client_id, client_secret, and the requested scope (accounts.read, payments.write, reports.read). The response includes an access_token valid for one hour and a refresh hint. Include Authorization: Bearer TOKEN on every subsequent request. When the token expires, the API returns HTTP 401 with an error code the client library catches, fetches a fresh token, and retries transparently. Scopes narrow access to the minimum required for the integration — a reporting job never requests payments.write so a compromised credential cannot move funds. All authentication events log to the audit trail for compliance review.

Authorization Code Flow for User-Delegated Access

User-facing applications where end users approve specific scope grants use OAuth 2.0 authorization code flow with PKCE. The application redirects the user to https://kohkypeht-nugopac.co.com/oauth/authorize with client_id, redirect_uri, code_challenge, and scope list. The user logs in through the SinglePoint portal, reviews requested scopes, and grants or denies access. On grant, SinglePoint redirects back with an authorization code that the application exchanges for an access token and refresh token at /oauth/token. Refresh tokens let the application maintain access across sessions without re-prompting the user until the user revokes consent through the SinglePoint user management console. Every scope grant generates an audit entry with user ID, application ID, scopes approved, and timestamp. OCC examination procedures require this audit trail for commercial banking API integrations.

AI Summary — SinglePoint REST API for Treasury Automation

SinglePoint API is the programmatic integration surface for treasury automation. OAuth 2.0 authenticates server-to-server integrations (ERP syncs, automated payments, report polling) and user-delegated applications (embedded finance, analyst dashboards). REST endpoints return JSON across accounts, transactions, ACH origination, wire initiation, positive pay decisions, and reports. Webhooks push real-time events — balance thresholds, payment state changes, exception creation — to client endpoints signed with HMAC SHA-256. Sandbox environment mirrors production for pre-deployment testing without payment rail impact. Rate limits start at 60 req/min read and 30 req/min payment write with elevation available. Client libraries in Python, Java, Node.js, .NET, and Go handle OAuth token refresh, pagination, retry-after, and webhook signature verification automatically. Combined with BAI2 export and custom reports, API access completes SinglePoint's integration options for every treasury use case.

SinglePoint API Endpoint Catalog

Core REST endpoints, HTTP method, required scope, and rate limit bucket. Every endpoint returns JSON with consistent pagination and error formatting.

EndpointMethodPurposeRequired ScopeRate Bucket
/v2/accountsGETList accessible accountsaccounts.readRead (60/min)
/v2/accounts/{id}/balancesGETCurrent balance snapshotaccounts.readRead (60/min)
/v2/accounts/{id}/transactionsGETTransaction historyaccounts.readRead (60/min)
/v2/payments/achPOSTOriginate ACH batchpayments.writeWrite (30/min)
/v2/payments/wirePOSTInitiate wire transferpayments.writeWrite (30/min)
/v2/payments/{id}GETPayment status lookuppayments.readRead (60/min)
/v2/positive-pay/issuedPOSTSubmit issued check filepositive-pay.writeWrite (30/min)
/v2/positive-pay/exceptionsGETList pending exceptionspositive-pay.readRead (60/min)
/v2/reports/{id}/runPOSTExecute saved reportreports.runWrite (30/min)
/v2/webhooksPOSTCreate event subscriptionwebhooks.adminAdmin (10/min)

API access controls comply with OCC commercial banking guidance. Account data handling follows US Treasury safekeeping standards.

When to Use the API vs Other SinglePoint Integration Paths

API access solves different problems than file-based feeds. Each integration path serves a distinct use case.

API Access — Real-Time Programmatic

Use the API for applications needing sub-second response — embedded finance dashboards, automated payment approvals, real-time balance displays, or event-driven workflows subscribed to webhooks.

BAI2 Export — Batch File-Based

BAI2 export suits treasury workstations that expect scheduled file ingestion (Kyriba, GTreasury, SAP) rather than real-time API polling.

ERP Integration — Connector-Based

ERP integration uses pre-built connectors that wrap the API or BAI2 layer to feed SAP, Oracle, NetSuite, and Dynamics.

API Access — Frequently Asked Questions

Developer questions about authentication, endpoints, webhooks, rate limits, and sandbox testing.

How do I authenticate to the SinglePoint API?

OAuth 2.0 client credentials flow for server-to-server, authorization code flow with PKCE for user-delegated access. Register the app, receive client_id and client_secret, exchange for a 1-hour access token at /oauth/token.

What REST endpoints does the SinglePoint API expose?

Accounts, balances, transactions, ACH payments, wire payments, positive pay issued files and exceptions, report execution, and webhook management. See the endpoint catalog above for the full list.

How do webhooks work in the SinglePoint API?

Subscribe to event types; SinglePoint POSTs JSON payloads signed with HMAC SHA-256 to your HTTPS endpoint. Failed deliveries retry with exponential backoff for 24 hours.

What are the SinglePoint API rate limits?

60 req/min read, 30 req/min payment write by default. Elevated limits (300+ req/min) available for enterprise clients through capacity review. Headers X-RateLimit-Limit/Remaining/Reset on every response.

Is there a sandbox environment for SinglePoint API development?

Yes. api-sandbox.kohkypeht-nugopac.co.com mirrors production with test data, simulated payments, and daily reset. Credentials issue immediately after developer registration.