Customers
Agents
- GETList agents
- POSTCreate agent (auto-creates virtual card and policy)
- GETGet agent by ID
- DELDelete agent (cascades to card, policy, tokens)
- PATCHUpdate agent
- POSTFund agent card (adds to wallet balance)
- GETGet agent wallet balance and IBAN
- POSTFreeze agent (also freezes card)
- POSTUnfreeze agent (also unfreezes card)
Agent Tokens
Policies
- GETList standalone policies
- POSTCreate standalone policy template
- DELDelete standalone policy (cannot delete agent-bound policies)
- POSTApply a policy template to an agent
- GETGet the effective policy for an agent
- PATCHUpdate agent policy (API key or dashboard only)
- POSTSimulate a spending intent against an agent's policy
Intents
Cards
- GETList all cards across all agents
- GETList cards for an agent
- POSTIssue additional card for an agent
- GETGet sensitive card data (PAN, CVC). Agent tokens must provide intentId.
- POSTFreeze card
- POSTUnfreeze card
- POSTPermanently close card
- POSTRotate card (close old, issue new with same limits)
- PATCHSet card spend limit
- GETGet effective policy summary with spend stats for a card
Checkout
Transactions
Webhooks
Disputes
GDPR
Merchants
Access Events
Request card access (evaluates policy and returns grant/deny decision)
Copy
Ask AI
curl --request POST \
--url https://api.getovra.com/cards/{cardId}/access \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"intentId": "<string>",
"purpose": "<string>",
"expectedAmount": 123,
"reason": "<string>"
}
'Copy
Ask AI
{
"id": "<string>",
"cardId": "<string>",
"agentId": "<string>",
"intentId": "<string>",
"decision": "granted",
"reasons": [
"<string>"
],
"expiresAt": "2023-11-07T05:31:56Z",
"createdAt": "2023-11-07T05:31:56Z"
}Access Events
Request card access (evaluates policy and returns grant/deny decision)
POST
/
cards
/
{cardId}
/
access
Request card access (evaluates policy and returns grant/deny decision)
Copy
Ask AI
curl --request POST \
--url https://api.getovra.com/cards/{cardId}/access \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"intentId": "<string>",
"purpose": "<string>",
"expectedAmount": 123,
"reason": "<string>"
}
'Copy
Ask AI
{
"id": "<string>",
"cardId": "<string>",
"agentId": "<string>",
"intentId": "<string>",
"decision": "granted",
"reasons": [
"<string>"
],
"expiresAt": "2023-11-07T05:31:56Z",
"createdAt": "2023-11-07T05:31:56Z"
}Authorizations
API key (sk_...) or Agent token (at_...)
Path Parameters
⌘I
Assistant
Responses are generated using AI and may contain mistakes.