Skip to main content
The GEFT (Guaranteed Electronic Funds Transfer) API provides enterprise-grade payment processing with guaranteed settlement for EFT transactions. This API reference covers all endpoints needed to integrate GEFT payments.

Base URLs

Production: {{BaseUri}} Sandbox: {{BaseUri}}

Authentication

All GEFT API requests use OAuth 2.0 Client Credentials flow:
  1. Authenticate with Basic auth using Client ID and Secret
  2. Receive Bearer token valid for 599 seconds (10 minutes)
  3. Use Bearer token for all subsequent API calls
  4. Refresh token before expiration

API Endpoints

Authentication

MethodEndpointDescription
POST/api/v1/authorizeObtain access token

Session Management

MethodEndpointDescription
POST/api/v2/sessionsCreate GEFT session
GET/api/v2/sessions/{sessionId}/statusGet session status
GET/api/v2/sessions/{sessionId}/detailsGet session details
POST/api/v2/sessions/{sessionId}/guarantees/confirmConfirm Guarantee Decision
POST/api/v2/sessions/{sessionId}/cancelCancel session

Quick Start

1. Authenticate

curl --location '{{BaseUri}}/api/v1/authorize' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {{Username:Password}}' \
--data-urlencode 'grant_type=client_credentials'

2. Create Session

curl --location '{{BaseUri}}/api/v2/sessions' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{access_token}}' \
--data-raw '{
  "referenceId": "USER12345",
  "type": "EFT",
  "direction": "DEBIT",
  "options": {
    "guarantee": {
      "enable": true
    }
  },
  "payor": {
    "firstName": "John",
    "lastName": "Smith",
    "address": {
      "addressLine1": "123 street",
      "city": "Toronto",
      "postalCode": "h2eh2e",
      "province": "ON",
      "country": "CA"
    }
  }
}'

3. Launch User Flow

<iframe
  src="{{BaseUri}}/app/?sessionId={{sessionId}}"
  width="100%"
  height="600">
</iframe>

4. Monitor Status

curl --location '{{BaseUri}}/api/v2/sessions/{{sessionId}}/status' \

Session Object

{
  "sessionId": "850750a4-3021-4061-ac03-a8d873aa4179",
  "referenceId": "USER12345",
  "amount": 500.00,
  "status": "Completed",
  "statusDetails": "EFT0301"
}

Status Codes

Session Status Values

StatusStatusDetailsDescription
InitiatedEFT0101Session created, awaiting user start
CompletedEFT0301Transaction scheduled, session fully completed
CompletedEFT0302Bank account validated, awaiting PAD signature
FailedEFT0401Login failed - invalid financial institution credentials
FailedEFT0402Eligibility failed - no guaranteed EFT offered
FailedEFT0403Identity failed - invalid user information verification
CanceledEFT0501Session canceled by API request
ExpiredEFT0601Session timed out - user inactive or did not complete

Status Meanings

EFT0101 - Session Created: A SessionId has been created and Flinks is awaiting for the user to start the session. EFT0301 - Transaction Scheduled: The user has successfully completed the session and a transaction schedule has been instructed. User is fully complete - transaction information can be checked for status of the schedule. This relates to an EFT transaction being instructed. EFT0302 - Bank Account Validated: The user has successfully validated their account (if required) - however, Flinks is awaiting the user to sign the PAD. EFT0401 - Login Failed: The user was not able to successfully login to their Financial Institution (received an invalid login). EFT0402 - Eligibility Failed: The user was not offered a Guaranteed EFT because of their account information (for example NSF or overall risk). Refer to reconciliation or the /Guarantees endpoint for more information. EFT0403 - Identity Failed: Invalid user information from their Financial Institution did not match provided user information, hence the session has failed. EFT0501 - Session Canceled: A call to the /Sessions/Cancel endpoint was made with the associated SessionId. EFT0601 - Session Timed Out: The sessionId timed-out before the user completed the session.

Field Specifications

Character Limits

FieldLimitNotes
firstName, lastName100 charactersRequired for identity matching
email100 charactersUsed for notifications
phone15 charactersNumbers only, no special characters
referenceId100 charactersStrongly recommended for tracking
addressLine1100 charactersStreet address
city100 charactersFull city name
postalCode6 charactersNo spaces (e.g., M5V0T7)
province2 charactersProvincial code (e.g., ON, QC)
country2 charactersOnly “CA” supported
accountNumberBetween 7 and 12 charactersNumbers only
transitNumber5 charactersNumbers only
institutionCode3 charactersNumbers only

Validation Rules

Amount:
  • Maximum: $99,999.99 (default)
  • Minimum: Client-configurable
  • Decimal places: Up to 2
Currency:
  • Only “CAD” supported
Province Codes:
  • AB (Alberta), BC (British Columbia), MB (Manitoba)
  • NB (New Brunswick), NL (Newfoundland and Labrador)
  • NT (Northwest Territories), NS (Nova Scotia), NU (Nunavut)
  • ON (Ontario), PE (Prince Edward Island), QC (Quebec)
  • SK (Saskatchewan), YT (Yukon)
Phone Numbers:
  • Numbers only
  • No country codes, spaces, or special characters
  • Example: “5551234567” (not “+1-555-123-4567”)

Payment Processing

EFT Processing Windows

GEFT follows Payments Canada EFT processing schedule:
WindowCutoff TimeSubmission TimeDays
Window 12:30am EDT9:30am EDTMon-Fri
Window 21:30pm EDT4:30pm EDTMon-Fri
Window 36:00pm EDT9:00pm EDTMon-Fri
Weekend/Holiday Processing: No processing on weekends or holidays. Settlement Timeline: Payments created before a cutoff are delivered approximately 2 hours after the next submission window.

Destination Account Logic

GEFT supports flexible destination account routing:
  1. With payee object: Funds settle to specified account
  2. Without payee object: Funds settle to your configured default account
  3. No payee + no default: Request rejected with error

Payment Instructions

When a guarantee is accepted, Flinks issues:
  1. EFT credit from Flinks float account to your destination account
  2. EFT debit from end-user’s account to Flinks float account
The EFT credit to your account is the key status for settlement confirmation.

Frontend Integration

iFrame URL Pattern

{{BaseUri}}/app/?sessionId={{sessionId}}

Event Monitoring

window.addEventListener('message', function(e) {
  console.log('GEFT Event:', e.data);

  if (e.data.Step === 'SUCCESS') {
    // Payment completed successfully
  } else if (e.data.Step === 'GUARANTEE_FAILED') {
    // Guarantee declined, offer alternatives
  }
});

Error Handling

API Errors

Authentication Failed: 
{
  "error": "invalid_client",
  "error_description": "Invalid client credentials"
}
Invalid Request: 
{
  "error": "invalid_request",
  "error_description": "Missing required field: firstName"
}
Session Not Found: 
{
  "error": "not_found",
  "error_description": "Session not found"
}

Common Integration Issues

  1. Token Expiration: Access tokens expire after 599 seconds
  2. Name Mismatch: User info must match bank account holder
  3. Amount Limits: Respect min/max amount configurations
  4. Character Limits: Validate field lengths before submission

Rate Limits

API endpoints have the following rate limits:
  • Authentication: 60 requests per minute
  • Session Creation: 100 requests per minute
  • Status Queries: 1000 requests per minute
Rate limit headers are included in responses: 
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1647360000

Testing

Use the sandbox environment for integration testing:
  • Test Scenarios: Happy1, Happy2, Happy3, Unhappy1, Unhappy7, Unhappy8
  • Credentials: Provided during onboarding
  • Test Data: Predefined user profiles and expected outcomes
See Sandbox Guide for complete testing procedures.

Support

Technical Support:
  • Contact your Technical Account Manager
  • Reference session IDs and timestamps in support requests
  • Include relevant API request/response data
Documentation:

Next Steps

  1. Authentication: Set up API authentication
  2. Session Creation: Create and manage sessions
  3. Setup Guide: Complete implementation walkthrough