generated: '2026-07-15' method: generated source: openapi/fintecture-ais-api-openapi.yml, openapi/fintecture-customers-api-openapi.yml, openapi/fintecture-emandates-api-openapi.yml, openapi/fintecture-oac-api-openapi.yml, openapi/fintecture-oauth-api-openapi.yml, openapi/fintecture-pis-api-openapi.yml, openapi/fintecture-resources-api-openapi.yml, openapi/fintecture-transactions-api-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 69 by_action_class: connected: 36 acting: 33 by_consequence: read: 36 write: 26 physical: 7 human_in_the_loop_required: 0 operations: - path: /ais/v1/provider/{provider_id}/authorize method: get operationId: getAisV1ProviderAuthorization x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ais/v1/provider/{provider_id}/authorize/decoupled method: get operationId: getAisV1ProviderAuthorizationDecoupled x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ais/v2/connect method: get operationId: getAisV2Connect x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ais/v1/customer/{customer_id} method: delete operationId: deleteAisV1Customer x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /ais/v1/customer/{customer_id}/accounts method: get operationId: getAisV1CustomerAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ais/v1/customer/{customer_id}/account/{account_id} method: get operationId: getAisV1CustomerAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ais/v1/customer/{customer_id}/account/{account_id}/holders method: get operationId: getAisV1CustomerAccountHolders x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ais/v1/customer/{customer_id}/account/{account_id}/transactions method: get operationId: getAisV1CustomerAccountTransactions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /ais/v1/verification method: post operationId: createAisV1Verification x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/customers method: get operationId: listAllCustomers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/customers method: post operationId: createCustomer x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/customers/{customer_id} method: get operationId: getCustomerById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/customers/{customer_id}/bank-accounts method: get operationId: listAllCustomerBankAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/customers/{customer_id}/bank-accounts method: post operationId: createCustomerBankAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/customers/{customer_id}/bank-accounts/{account_id} method: get operationId: getBankAccountById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/customers/{customer_id}/verification method: post operationId: initiateCustomerVerification x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/customers/{customer_id}/verifications method: get operationId: listAllCustomerVerifications x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/customers/{customer_id}/verification/{verification_id} method: get operationId: getCustomerVerificationById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/e-mandates method: get operationId: listAllEmandates x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/e-mandates method: post operationId: createEmandate x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/e-mandates/{mandate_id} method: get operationId: getEmandateById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/e-mandates/{mandate_id} method: patch operationId: patchEmandateById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/applications method: get operationId: getApplications x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/applications method: post operationId: postApplications x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/applications/current method: get operationId: getResV1Applications x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/applications/{app_id} method: get operationId: getApplicationById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/applications/{app_id} method: patch operationId: patchApplicationById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/applications/{app_id} method: delete operationId: deleteApplicationById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/bank-accounts method: get operationId: getBankAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/bank-accounts method: post operationId: postBankAccounts x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/bank-accounts/{bank_account_id} method: patch operationId: patchBankAccountById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/bank-accounts/{bank_account_id} method: delete operationId: deleteBankAccountById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/companies method: get operationId: getCompanies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/companies method: post operationId: postCompanies x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/companies/{company_id} method: get operationId: getCompanyById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/companies/{company_id} method: patch operationId: patchCompanyById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/companies/{company_id} method: delete operationId: deleteCompanyById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/organisation-nodes method: post operationId: postOrganisationNodes x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/organisation-nodes/{organisation_node_id} method: get operationId: getOrganisationNodeById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/organisation-nodes/{organisation_node_id} method: patch operationId: patchOrganisationNodeById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/organisation-nodes/{organisation_node_id} method: delete operationId: deleteOrganisationNodeById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/organisation-nodes/{organisation_node_id}/tree method: get operationId: getOrganisationNodeTree x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/organisation-nodes/{organisation_node_id}/companies method: get operationId: getOrganisationNodeCompanies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/memberships method: post operationId: postMemberships x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/memberships/{membership_id} method: patch operationId: patchMembershipById x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/memberships/{membership_id} method: delete operationId: deleteMembershipById x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/users method: post operationId: postUsers x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/users/{user_id} method: get operationId: getUserById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/users/{user_id} method: patch operationId: patchUserById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/users/{user_id} method: delete operationId: deleteUserById x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /oauth/accesstoken method: post operationId: createAccessToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /oauth/refreshtoken method: post operationId: createRefreshToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /pis/v2/connect method: post operationId: createPisV2Connect x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /pis/v2/payments method: get operationId: getPisV2Payments x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /pis/v2/payments/{payment_id} method: get operationId: getPaymentSession x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /pis/v2/payments/{payment_id} method: patch operationId: patchPisV2PaymentSession x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /pis/v2/payments/{payment_id}/refunds method: get operationId: getPisV2PaymentRefunds x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /pis/v2/refund method: post operationId: createPisV2Refund x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /pis/v2/request-to-pay method: post operationId: createPisV2RequestToPay x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /pis/v2/request-for-payout method: post operationId: createPisV2RequestForPayout x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /pis/v2/settlements method: get operationId: getPisV2Settlements x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /pis/v2/settlements/{settlement_id} method: get operationId: getSettlementById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /res/v1/providers method: get operationId: getResV1Providers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /res/v1/providers/{provider_id} method: get operationId: getResV1Provider x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /res/v1/test-accounts method: get operationId: getResV1TestAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /res/v1/test-accounts/{account_id} method: get operationId: getResV1TestAccountById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/transactions method: get operationId: listAllTransactions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/transactions/{transaction_id} method: get operationId: getTransactionById x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/transactions/simulate method: post operationId: simulateTransactionEvent x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required