Skip to main content
POST
/
transactions
Create Transaction Endpoint for Monitoring
curl --request POST \
  --url http://api.gu1.ai/transactions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "externalId": "<string>",
  "type": "<string>",
  "status": "<string>",
  "amount": 123,
  "currency": "<string>",
  "paymentMethod": "<string>",
  "originEntityId": "<string>",
  "originExternalId": "<string>",
  "originTaxId": "<string>",
  "originName": "<string>",
  "originCountry": "<string>",
  "originDetails": {},
  "destinationEntityId": "<string>",
  "destinationExternalId": "<string>",
  "destinationTaxId": "<string>",
  "destinationName": "<string>",
  "destinationCountry": "<string>",
  "destinationDetails": {},
  "channel": "<string>",
  "reason": "<string>",
  "locationDetails": {},
  "deviceDetails": {},
  "description": "<string>",
  "category": "<string>",
  "metadata": {},
  "transactedAt": "<string>",
  "executeRules": true
}
'
{
  "transaction": {},
  "rulesExecutionSummary": {}
}

​
Canonical Endpoint Reference

The official reference for POST /transactions (response shape, errors, all fields) is: Create transaction (API Reference β†’ Transactions) There you’ll find the actual response: transaction is an object (the created transaction), and when rules run, rulesExecutionSummary appears at the response root (see Rules Execution Summary). This page adds use-case context for monitoring: currency conversion, payment-method examples (PIX, card, multi-currency), and detailed field descriptions.

​
Endpoint: Create Transaction

POST http://api.gu1.ai/transactions
Creates a new transaction. Amounts are converted to USD when currency is not USD. With executeRules: true (default), the rules engine runs and the response includes rulesExecutionSummary at the root when rules execute.

​
Authentication

All requests must include an API key in the Authorization header: 
Authorization: Bearer YOUR_API_KEY

​
Required Headers

Content-Type: application/json
Authorization: Bearer YOUR_API_KEY

​
Request Body

​
externalId
string
required
Your unique identifier for this transaction in your systemType: string (min length: 1)
​
type
string
required
Type of transaction. Options:
  • PAYMENT - Purchase or payment to merchant
  • TRANSFER - Transfer between accounts/users
  • WITHDRAWAL - Cash withdrawal or account debit
  • DEPOSIT - Deposit or account credit
  • REFUND - Refund of a previous transaction
  • CHARGEBACK - Chargeback dispute
  • REVERSAL - Transaction reversal
  • FEE - Fee or commission charge
  • ADJUSTMENT - Balance adjustment
  • OTHER - Other transaction type
Type: enum - 'PAYMENT' | 'TRANSFER' | 'WITHDRAWAL' | 'DEPOSIT' | 'REFUND' | 'CHARGEBACK' | 'REVERSAL' | 'FEE' | 'ADJUSTMENT' | 'OTHER'
​
status
string
default:"CREATED"
Transaction status. Follows a state machine with open and closed states.Open States (can transition to other states):
  • CREATED - Transaction created (default)
  • PROCESSING - Transaction being processed
  • SUSPENDED - Transaction temporarily suspended
Closed States (final, cannot transition back to open states):
  • SENT - Transaction sent/transmitted
  • EXPIRED - Transaction expired
  • DECLINED - Transaction declined/rejected
  • REFUNDED - Transaction refunded/reversed
  • SUCCESSFUL - Transaction completed successfully
Type: enum - 'CREATED' | 'PROCESSING' | 'SUSPENDED' | 'SENT' | 'EXPIRED' | 'DECLINED' | 'REFUNDED' | 'SUCCESSFUL' (default: β€˜CREATED’)Important: Once a transaction reaches a closed state, it cannot transition back to an open state. This ensures transaction integrity and proper audit trails.
​
amount
number
required
Transaction amount (must be positive)Type: number (> 0)
​
currency
string
required
ISO 4217 currency code (e.g., β€œUSD”, β€œBRL”, β€œEUR”)Type: string (length: 3)
​
paymentMethod
string
Payment method used for the transactionType: string (enum, optional)Possible Values:
  • CARD - Credit or debit card payment
  • ACH - Automated Clearing House (US bank transfer)
  • PIX - Brazilian instant payment system
  • TED - Brazilian wire transfer (TransferΓͺncia EletrΓ΄nica DisponΓ­vel)
  • BOLETO - Brazilian payment slip
  • WALLET - Digital wallet (PayPal, Venmo, etc.)
  • SWIFT - SWIFT international wire transfer
  • IBAN - IBAN-based bank transfer
  • CBU - Argentine bank account (Clave Bancaria Uniforme)
  • CVU - Argentine virtual account (Clave Virtual Uniforme)
  • DEBIN - Argentine instant debit system
  • GENERIC_BANK_ACCOUNT - Generic bank account transfer
  • MPESA - M-Pesa mobile money (Kenya)
  • UPI - Unified Payments Interface (India)
  • CHECK - Check payment
  • ECHECK - Electronic check
  • QR_CODE - QR code payment
  • ONLINE_PAYMENT - Generic online payment
  • WITHDRAWAL_ORDER - Withdrawal order
Example: "PIX" or "CARD"
​
originEntityId
string
UUID of the origin entity (sender) in gu1 systemType: string (uuid, optional)
​
originExternalId
string
Your external ID for the origin entityType: string (optional)
​
originTaxId
string
Tax / document ID for the origin at the root of the request. Third linking path after originEntityId and originExternalId (normalized match to entity.taxId). If matched, originEntityId and optionally name/country are filled. Max 50 characters. Type: string (optional)
​
originName
string
Name of the origin entity (sender)Type: string (max length: 500, optional)
​
originCountry
string
ISO 3166-1 alpha-2 country code of origin entityType: string (length: 2, optional)
​
originDetails
object
Contextual information about the origin of the transaction (device, geolocation, account, security flags). These fields match the API schema; you can also send additional custom fields (e.g. nested paymentDetails or any other keys) and they will be stored.Type: object (optional, validated structure; extra keys allowed)Key Difference:
  • originCountry (direct field) = Entity’s country
  • originDetails.country = Device/IP country at transaction time (can differ if traveling)
Supported Fields:Device/Technical:
  • deviceId (string) - Device identifier
  • deviceFingerprint (string) - Device fingerprint hash
  • deviceType (enum) - mobile | desktop | tablet | pos | atm
  • userAgent (string) - Browser user agent
  • ipAddress (string) - IP address (validated format)
Geolocation:
  • country (string) - ISO 2-letter code
  • city (string) - City name
  • region (string) - State/province
  • latitude (number) - Latitude (-90 to 90)
  • longitude (number) - Longitude (-180 to 180)
  • timezone (string) - Timezone identifier
Payment Details (nested object):
  • paymentDetails (object) - Payment-specific information for the origin. You can send any payment-related fields here:
    • Bank/Account Details:
      • accountNumber (string) - Account number
      • accountType (enum) - checking | savings | business | personal
      • bankCode (string) - Bank code
      • bankName (string) - Bank name
      • routingNumber (string) - Routing number (US)
      • swiftCode (string) - SWIFT/BIC code
      • iban (string) - IBAN (International Bank Account Number)
    • PIX Details (Brazil):
      • pixKey (string) - PIX key
      • pixType (enum) - PIX key type: email | phone | cpf | cnpj | random
    • Card Details:
      • cardLast4 (string) - Last 4 digits of card
      • cardBrand (string) - Card brand (Visa, Mastercard, Amex, etc.)
      • cardholderName (string) - Name on card
      • cardBin (string) - First 6 digits of card (BIN)
      • cardType (enum) - credit | debit | prepaid
      • cardCountry (string) - Card issuing country (ISO 2-letter)
      • cardExpiry (string) - Expiration date (MM/YY)
      • cardFingerprint (string) - Unique card fingerprint/hash for tracking
    • Crypto Details:
      • walletAddress (string) - Cryptocurrency wallet address
      • walletType (string) - Wallet type (e.g., β€œmetamask”, β€œcoinbase”)
      • blockchain (string) - Blockchain network (e.g., β€œethereum”, β€œbitcoin”)
      • tokenSymbol (string) - Token symbol (e.g., β€œETH”, β€œBTC”, β€œUSDT”)
    • Wallet/Digital Payment:
      • walletId (string) - Digital wallet identifier
      • walletProvider (string) - Wallet provider (e.g., β€œpaypal”, β€œvenmo”, β€œcashapp”)
      • walletEmail (string) - Email associated with wallet
    • And any other payment-related fields you need
Reference: For suggested structures by payment method (card, PIX, CBU/CVU, SPEI, PSE, DEBIN, crypto, wallet, cash, check, etc.) see Payment Details Schema. Nothing is enforced; custom fields are allowed.Security Flags:
  • isVpn (boolean) - VPN detected
  • isTor (boolean) - Tor network detected
  • isProxy (boolean) - Proxy detected
  • governmentAccount (boolean) - Government account flag
Example:
{
  "deviceType": "mobile",
  "ipAddress": "189.123.45.67",
  "country": "BR",
  "city": "SΓ£o Paulo",
  "isVpn": false,
  "paymentDetails": {
    "accountNumber": "12345",
    "accountType": "personal",
    "bankName": "Banco do Brasil",
    "pixKey": "user@email.com",
    "pixType": "email"
  }
}
Custom fields are allowed - the system will validate known fields and preserve custom ones.
​
destinationEntityId
string
UUID of the destination entity (receiver) in gu1 systemType: string (uuid, optional)
​
destinationExternalId
string
Your external ID for the destination entityType: string (optional)
​
destinationTaxId
string
Tax / document ID for the destination at the root. Third path after destinationEntityId and destinationExternalId. Same rules as originTaxId. Type: string (optional)
​
destinationName
string
Name of the destination entity (receiver)Type: string (max length: 500, optional)
​
destinationCountry
string
ISO 3166-1 alpha-2 country code of destination entityType: string (length: 2, optional)
​
destinationDetails
object
Contextual information about the destination of the transaction (merchant, device, geolocation, account, risk flags). These fields match the API schema; you can also send additional custom fields (e.g. nested paymentDetails or any other keys) and they will be stored.Type: object (optional, validated structure; extra keys allowed)Supported Fields:Merchant Info:
  • mcc (string) - Merchant Category Code (4 digits, ISO 18245)
  • mccDescription (string) - MCC description (e.g., β€œRestaurants”)
  • merchantId (string) - Merchant identifier
  • merchantName (string) - Merchant name
  • merchantType (string) - Merchant type/category
Device/Technical:
  • deviceId (string) - Device identifier
  • deviceType (enum) - pos | online | mobile | atm
  • ipAddress (string) - IP address (validated format)
Geolocation:
  • country (string) - ISO 2-letter code
  • city (string) - City name
  • region (string) - State/province
Payment Details (nested object):
  • paymentDetails (object) - Payment-specific information for the destination. You can send any payment-related fields here:
    • Bank/Account Details:
      • accountNumber (string) - Destination account number
      • accountType (enum) - checking | savings | business | merchant
      • bankCode (string) - Bank code
      • bankName (string) - Bank name
      • routingNumber (string) - Routing number (US)
      • swiftCode (string) - SWIFT/BIC code
      • iban (string) - IBAN (International Bank Account Number)
    • PIX Details (Brazil):
      • pixKey (string) - PIX key
      • pixType (enum) - PIX key type: email | phone | cpf | cnpj | random
    • Card Details:
      • cardLast4 (string) - Last 4 digits of card
      • cardBrand (string) - Card brand (Visa, Mastercard, Amex, etc.)
      • cardholderName (string) - Name on card
      • cardBin (string) - First 6 digits of card (BIN)
      • cardType (enum) - credit | debit | prepaid
      • cardCountry (string) - Card issuing country (ISO 2-letter)
      • cardExpiry (string) - Expiration date (MM/YY)
      • cardFingerprint (string) - Unique card fingerprint/hash for tracking
    • Crypto Details:
      • walletAddress (string) - Cryptocurrency wallet address
      • walletType (string) - Wallet type (e.g., β€œmetamask”, β€œcoinbase”)
      • blockchain (string) - Blockchain network (e.g., β€œethereum”, β€œbitcoin”)
      • tokenSymbol (string) - Token symbol (e.g., β€œETH”, β€œBTC”, β€œUSDT”)
    • Wallet/Digital Payment:
      • walletId (string) - Digital wallet identifier
      • walletProvider (string) - Wallet provider (e.g., β€œpaypal”, β€œvenmo”, β€œcashapp”)
      • walletEmail (string) - Email associated with wallet
    • And any other payment-related fields you need
Reference: For suggested structures by payment method see Payment Details Schema. Nothing is enforced; custom fields are allowed.Risk Flags:
  • cryptoExchange (boolean) - Is cryptocurrency exchange
  • highRisk (boolean) - High risk merchant flag
  • privateSector (boolean) - Private sector flag
Example:
{
  "mcc": "5812",
  "mccDescription": "Restaurants",
  "merchantName": "Restaurant ABC",
  "country": "US",
  "highRisk": false,
  "paymentDetails": {
    "accountNumber": "98765",
    "accountType": "merchant",
    "bankName": "Bradesco"
  }
}
Custom fields are allowed - the system will validate known fields and preserve custom ones.
​
channel
string
The channel through which the transaction was initiated (max 50 characters).Type: string (max length: 50, optional)Common Examples:
  • mobile_app - Mobile application
  • web_browser - Web browser
  • pos_terminal - Point of sale terminal
  • api - Direct API integration
  • atm - ATM machine
  • phone_banking - Phone banking
  • branch - Physical branch
  • call_center - Call center
  • partner_api - Partner integration
Use Case: Helps segment transactions by origin channel for risk analysis, reporting, and business intelligence.Example:
{
  "channel": "mobile_app"
}
​
reason
string
Optional reason for the transaction outcome (e.g. decline, failure, limit exceeded). The client can send any value from the transaction_reason_type enum. If omitted, the system uses WITHOUT_REASON. Not required β€” existing integrations remain valid.Type: string (enum, optional, default: WITHOUT_REASON)Common values (full enum has 60+ values):
  • WITHOUT_REASON - No specific reason (default when omitted)
  • INSUFFICIENT_FUNDS - Insufficient funds
  • LIMIT_EXCEEDED, DAILY_LIMIT_EXCEEDED, MONTHLY_LIMIT_EXCEEDED, TRANSACTION_LIMIT_EXCEEDED
  • ACCOUNT_BLOCKED, ACCOUNT_FROZEN, ACCOUNT_CLOSED
  • CARD_EXPIRED, CARD_BLOCKED, CARD_LOST_OR_STOLEN, INVALID_CARD, INVALID_ACCOUNT
  • FRAUD_SUSPECTED, COMPLIANCE_BLOCK, SANCTIONS_MATCH, AML_ALERT, RISK_SCORE_THRESHOLD
  • MERCHANT_BLOCKED, COUNTRY_RESTRICTION, CURRENCY_NOT_SUPPORTED, CHANNEL_NOT_ALLOWED
  • SYSTEM_ERROR, TIMEOUT, INVALID_AMOUNT, KYC_PENDING, KYC_REJECTED
  • EXPIRED, CANCELLED_BY_USER, CANCELLED_BY_MERCHANT, REFUSED_BY_ISSUER, DO_NOT_HONOR
  • INVALID_PIN, PIN_TRIES_EXCEEDED, INSUFFICIENT_LIQUIDITY, VALIDATION_FAILED, OTHER
Full list: See Transaction Reason Enum for all 60+ allowed values.Example:
{
  "reason": "INSUFFICIENT_FUNDS"
}
​
locationDetails
object
Geographic location information where the transaction occurred. Useful for fraud detection, geographic risk analysis, and compliance reporting.Type: object (optional)Supported Fields:Address Information:
  • country (string) - ISO 3166-1 alpha-2 country code (e.g., β€œUS”, β€œBR”, β€œAR”)
  • countryName (string) - Full country name
  • city (string) - City name
  • region (string) - State or province
  • address (string) - Full address
  • street (string) - Street name
  • streetNumber (string) - Street number
  • postalCode (string) - Postal/ZIP code
  • neighborhood (string) - Neighborhood or district
Coordinates (for map visualization):
  • latitude (number) - Latitude coordinate (-90 to 90)
  • longitude (number) - Longitude coordinate (-180 to 180)
Additional Information:
  • timezone (string) - IANA timezone (e.g., β€œAmerica/Sao_Paulo”)
  • placeId (string) - Google Places ID or similar identifier
Example:
{
  "country": "BR",
  "countryName": "Brazil",
  "city": "SΓ£o Paulo",
  "region": "SP",
  "address": "Av. Paulista, 1578",
  "street": "Av. Paulista",
  "streetNumber": "1578",
  "postalCode": "01310-200",
  "latitude": -23.5505,
  "longitude": -46.6333,
  "timezone": "America/Sao_Paulo"
}
Use Cases:
  • Fraud Detection: Identify transactions from unusual locations or high-risk countries
  • Geographic Analysis: Analyze transaction patterns by region
  • Compliance: Track cross-border transactions for regulatory reporting
  • Velocity Rules: Detect impossible travel (same user in different locations in short time)
​
deviceDetails
object
Device information for the transaction. Critical for fraud detection, device fingerprinting, and security analysis.Type: object (optional)Supported Fields:Device Identification:
  • deviceId (string) - Unique device identifier
  • externalId (string) - Your external device ID
Platform and Operating System:
  • platform (enum) - Device platform: android, ios, web, desktop, mobile, tablet, pos, atm
  • osName (string) - Operating system name (e.g., β€œAndroid”, β€œiOS”, β€œWindows”, β€œmacOS”)
  • osVersion (string) - OS version (e.g., β€œ13.0”, β€œ16.4”)
Device Information:
  • manufacturer (string) - Device manufacturer (e.g., β€œSamsung”, β€œApple”)
  • model (string) - Device model (e.g., β€œGalaxy S22”, β€œiPhone 14”)
  • brand (string) - Device brand
  • deviceName (string) - User-assigned device name
Browser Information (for web platform):
  • browser (string) - Browser name (e.g., β€œChrome”, β€œSafari”, β€œFirefox”)
  • browserVersion (string) - Browser version
  • userAgent (string) - Full user agent string
Security Flags:
  • isEmulator (boolean) - Whether device is an emulator
  • isRooted (boolean) - Whether device is rooted (Android)
  • isJailbroken (boolean) - Whether device is jailbroken (iOS)
Network Information:
  • ipAddress (string) - IP address (validated format)
  • isVpn (boolean) - Whether connection is through VPN
  • isTor (boolean) - Whether connection is through Tor
  • isProxy (boolean) - Whether connection is through proxy
Device Fingerprinting:
  • deviceFingerprint (string) - Unique device fingerprint hash for tracking
Additional Details:
  • screenResolution (string) - Screen resolution (e.g., β€œ1920x1080”)
  • language (string) - Device language
  • timezone (string) - Device timezone
Example:
{
  "platform": "mobile",
  "osName": "Android",
  "osVersion": "13",
  "manufacturer": "Samsung",
  "model": "Galaxy S22",
  "brand": "Samsung",
  "ipAddress": "192.168.1.1",
  "isVpn": false,
  "isTor": false,
  "isEmulator": false,
  "isRooted": false,
  "deviceFingerprint": "abc123def456...",
  "screenResolution": "1080x2400",
  "language": "pt-BR",
  "timezone": "America/Sao_Paulo"
}
Use Cases:
  • Fraud Detection: Identify suspicious devices (emulators, rooted devices, VPN usage)
  • Device Fingerprinting: Track unique devices across transactions for behavioral analysis
  • Security Analysis: Detect anomalies in device patterns (new device, impossible device velocity)
  • Compliance: Document device information for audit trails
  • User Experience: Personalize experience based on device type and capabilities
​
description
string
Transaction descriptionType: string (max length: 1000, optional)
​
category
string
Transaction category for groupingType: string (max length: 100, optional)
​
metadata
object
Custom metadata for storing additional transaction information.Type: object (optional, validated structure)Supported Standard Fields:

​
tags (object) - Key-Value Categorization System

The tags field allows you to add custom key-value pairs for flexible categorization, filtering, and workflow management. This is particularly useful for:
  • Custom filtering in dashboards and reports
  • Triggering specific business logic
  • Tracking review status
  • Categorizing by risk level or source
  • Custom workflow states
Format: { "key1": "value1", "key2": "value2" }Common Tag Patterns:
  • risk_level (string) - β€œlow”, β€œmedium”, β€œhigh”, β€œcritical”
  • source (string) - β€œapi”, β€œweb”, β€œmobile”, β€œbatch”, β€œimport”
  • channel (string) - β€œonline”, β€œbranch”, β€œatm”, β€œcall_center”, β€œpartner”
  • reviewed (boolean) - false (pending review), true (reviewed)
  • category (string) - β€œpayroll”, β€œsupplier”, β€œrefund”, β€œinvestment”, β€œloan”, β€œbill_payment”
  • priority (string) - β€œlow”, β€œnormal”, β€œhigh”, β€œurgent”
  • team (string) - β€œcompliance”, β€œfraud”, β€œsupport”, β€œoperations”
  • campaign (string) - Marketing or business campaign identifier
  • approved_by (string) - User or system that approved
  • requires_approval (boolean) - Manual approval required
  • customer_segment (string) - β€œvip”, β€œregular”, β€œnew”, β€œdormant”
  • product_type (string) - β€œsavings”, β€œinvestment”, β€œloan”, β€œtransfer”
  • region (string) - β€œnorth”, β€œsouth”, β€œlatam”, β€œemea”, β€œapac”
  • business_unit (string) - β€œretail”, β€œcorporate”, β€œwealth”, β€œsme”
Use Case Examples:Example 1: Risk-based workflow
{
  "tags": {
    "risk_level": "high",
    "reviewed": false,
    "requires_approval": true,
    "assigned_to": "fraud_team"
  }
}
Example 2: Business categorization
{
  "tags": {
    "category": "payroll",
    "batch_id": "PAY_2025_01",
    "department": "engineering",
    "cost_center": "R&D"
  }
}
Example 3: Multi-channel tracking
{
  "tags": {
    "source": "mobile_app",
    "channel": "online",
    "campaign": "winter_2025",
    "referral_code": "FRIEND123",
    "first_transaction": true,
    "customer_segment": "new"
  }
}
Example 4: Banking operations
{
  "tags": {
    "channel": "branch",
    "business_unit": "retail",
    "product_type": "loan",
    "region": "latam",
    "requires_approval": true,
    "approved_by": "manager_john"
  }
}
Filtering transactions by tags: You can later filter transactions using these tags in list endpoints or dashboards.

​
Other Metadata Fields:

  • purpose (string) - Transaction purpose (e.g., β€œsalary”, β€œinvoice_payment”)
  • frequency (string) - Transaction frequency (e.g., β€œmonthly”, β€œone-time”)
  • contract_number (string) - Contract number (for business payments)
  • enhanced_due_diligence (boolean) - EDD flag
  • block_reason (string) - Reason for blocking
  • compliance_alert (boolean) - Compliance alert flag
Complete Example:
{
  "tags": {
    "risk_level": "medium",
    "source": "api",
    "reviewed": false,
    "category": "invoice_payment"
  },
  "purpose": "supplier_payment",
  "frequency": "monthly",
  "contract_number": "CNT-2025-001",
  "enhanced_due_diligence": false
}
Custom fields beyond the standard ones are allowed and will be preserved.
​
transactedAt
string
When the transaction occurred (ISO 8601 timestamp). Defaults to current time if not provided.Type: string (ISO 8601 datetime, optional)
​
executeRules
boolean
default:"true"
Whether to execute risk rules automatically after creating the transactionType: boolean (default: true)

​
Payment Methods

  • CARD - Credit/debit card payment
  • ACH - ACH transfer (US)
  • PIX - Brazilian instant payment
  • TED - Brazilian bank transfer (TED)
  • BOLETO - Brazilian boleto payment
  • WALLET - Digital wallet payment
  • SWIFT - International SWIFT transfer
  • IBAN - IBAN-based transfer
  • CBU - Argentine bank account (CBU)
  • CVU - Argentine virtual wallet (CVU)
  • DEBIN - Argentine direct debit
  • GENERIC_BANK_ACCOUNT - Generic bank account transfer
  • MPESA - M-Pesa mobile money
  • UPI - India UPI payment
  • CHECK - Physical check
  • ECHECK - Electronic check
  • QR_CODE - QR code payment
  • ONLINE_PAYMENT - Generic online payment
  • WITHDRAWAL_ORDER - Withdrawal order

​
Account Types

  • PERSONAL - Personal account
  • BUSINESS - Business account
  • MERCHANT - Merchant account
  • SAVINGS - Savings account
  • CHECKING - Checking account
  • INVESTMENT - Investment account
  • ESCROW - Escrow account
  • PREPAID - Prepaid account
  • OTHER - Other account type

​
MCC Codes

Merchant Category Codes (MCC) classify business types: 
{
  "mccCode": "5411"  // Grocery Stores
}
Common examples:
  • 5411 - Grocery Stores
  • 5812 - Restaurants
  • 5999 - Miscellaneous Retail
  • 6011 - ATM/Cash Withdrawal
  • 7995 - Gambling

​
Tags and Metadata

{
  "tags": ["high_value", "first_transaction", "promotional"],
  "metadata": {
    "campaignId": "summer_2024",
    "referralCode": "FRIEND10",
    "customField": "any_value"
  }
}

​
Multi-Currency Support

gu1 provides automatic currency conversion for all transactions. Each organization has a configured base currency (default: USD), and all transactions are automatically converted to this base currency for consistent rule evaluation and reporting.

​
How It Works

  1. Automatic Detection: When a transaction’s currency differs from your organization’s base currency, automatic conversion is triggered
  2. Real-Time Rates: Exchange rates are fetched from our currency service in real-time
  3. Dual Amount Storage: Both original and converted amounts are stored
  4. Rule Evaluation: Rules can use either amount (original) or amountInUsd (converted to USD)

​
Supported Currencies

150+ currencies supported including:
  • Major: USD, EUR, GBP, JPY, CHF, CAD, AUD
  • Latin America: BRL, ARS, MXN, COP, CLP, PEN, UYU
  • Asia: CNY, INR, KRW, SGD, HKD, THB, MYR
  • Crypto: BTC, ETH, USDT, USDC
  • And many more (ISO 4217 standard)

​
Exchange Rate Sources

SourceDescriptionWhen Used
ms-providerReal-time rates from currency microservicePrimary source
cache-fallbackCached rates when service unavailableFallback (< 1h old)
no-conversionNo conversion needed (same currency)Same as base
client-providedCustom rate provided by clientOptional override

​
Response Fields

Conversion data is returned on the transaction object, not in a separate block:
  • transaction.amount, transaction.currency – original amount and currency
  • transaction.amountInUsd – converted amount in USD (null if conversion failed or not applicable)
  • transaction.exchangeRate, transaction.rateSource – rate used and source (e.g. ms-provider)

​
Using Converted Amounts in Rules

Rules can reference both amounts: 
{
  "conditions": [
    {
      "field": "amount",
      "operator": "GREATER_THAN",
      "value": 1000
    }
  ]
}
Or use the converted amount for consistent thresholds: 
{
  "conditions": [
    {
      "field": "amountInUsd",
      "operator": "GREATER_THAN",
      "value": 10000
    }
  ]
}
Best Practice: Use amountInUsd in rules to ensure consistent thresholds regardless of transaction currency.

​
Error Handling

If currency conversion fails:
  • Transaction processing continues with original amount
  • transaction.amountInUsd and transaction.exchangeRate will be null
  • Rules using amountInUsd will use original amount as fallback if conversion failed
  • Error is logged but doesn’t block transaction

​
Example: Multi-Currency Transaction

{
  "transaction": {
    "externalId": "txn_euro_001",
    "type": "PAYMENT",
    "amount": 850.00,
    "currency": "EUR",
    "timestamp": "2024-10-28T15:00:00Z",
    "originEntityId": "customer_france_001",
    "destinationEntityId": "merchant_usa_001"
  }
}
Response (conversion info is on the transaction): 
{
  "transaction": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "externalId": "txn_euro_001",
    "type": "PAYMENT",
    "amount": 850.00,
    "currency": "EUR",
    "amountInUsd": 935.00,
    "exchangeRate": 1.10,
    "rateSource": "ms-provider",
    "status": "CREATED",
    "riskScore": 25,
    "flagged": false,
    "createdAt": "2024-10-28T15:00:01.000Z",
    "updatedAt": "2024-10-28T15:00:01.000Z"
  },
  "rulesExecutionSummary": null
}

​
Complete Request Examples

​
PIX Transfer (Brazil)

curl -X POST http://api.gu1.ai/transactions \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "externalId": "txn_pix_12345",
    "type": "TRANSFER",
    "status": "CREATED",
    "amount": 500.00,
    "currency": "BRL",
    "originEntityId": "customer_maria_001",
    "originName": "Maria Silva",
    "originCountry": "BR",
    "originDetails": {
      "deviceId": "device_123",
      "ipAddress": "189.123.45.67",
      "country": "BR",
      "city": "SΓ£o Paulo",
      "paymentDetails": {
        "pixKey": "maria.silva@example.com",
        "pixType": "email",
        "bankName": "Banco do Brasil"
      }
    },
    "destinationEntityId": "merchant_loja_002",
    "destinationName": "Loja Online",
    "destinationCountry": "BR",
    "destinationDetails": {
      "merchantId": "MER_002",
      "mcc": "5411",
      "paymentDetails": {
        "accountNumber": "98765",
        "accountType": "merchant",
        "bankName": "Bradesco"
      }
    },
    "description": "Purchase at Online Store",
    "category": "retail",
    "metadata": {
      "storeId": "store_002",
      "orderId": "order_789"
    },
    "transactedAt": "2024-12-23T14:30:00Z",
    "executeRules": true
  }'

​
Card Payment

curl -X POST http://api.gu1.ai/transactions \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "externalId": "txn_card_67890",
    "type": "PAYMENT",
    "amount": 1250.00,
    "currency": "USD",
    "originEntityId": "customer_john_003",
    "originName": "John Smith",
    "originCountry": "US",
    "originDetails": {
      "deviceId": "device_456",
      "deviceType": "desktop",
      "ipAddress": "198.51.100.42",
      "country": "US",
      "paymentDetails": {
        "cardLast4": "8765",
        "cardBrand": "Visa",
        "expiryMonth": "12",
        "expiryYear": "2027"
      }
    },
    "destinationEntityId": "merchant_electronics_001",
    "destinationName": "Electronics Store",
    "destinationCountry": "US",
    "destinationDetails": {
      "mcc": "5732",
      "merchantId": "MER_ELEC_001",
      "paymentDetails": {
        "accountNumber": "ACC123456",
        "accountType": "merchant"
      }
    },
    "description": "Laptop purchase",
    "category": "electronics",
    "metadata": {
      "sessionId": "sess_abc123",
      "isFirstTransaction": true
    },
    "executeRules": true
  }'

​
Multi-Currency Transfer

curl -X POST http://api.gu1.ai/transactions \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "externalId": "txn_euro_001",
    "type": "TRANSFER",
    "amount": 750.50,
    "currency": "EUR",
    "originEntityId": "user_alice_001",
    "originName": "Alice Martinez",
    "originCountry": "ES",
    "originDetails": {
      "deviceId": "device_789",
      "ipAddress": "88.22.15.10",
      "country": "ES",
      "city": "Madrid",
      "paymentDetails": {
        "accountNumber": "ES1234567890123456789012",
        "bankName": "Banco Santander",
        "accountType": "personal"
      }
    },
    "destinationEntityId": "user_bob_002",
    "destinationName": "Bob Johnson",
    "destinationCountry": "DE",
    "destinationDetails": {
      "country": "DE",
      "paymentDetails": {
        "accountNumber": "DE89370400440532013000",
        "bankName": "Deutsche Bank",
        "accountType": "personal"
      }
    },
    "description": "International transfer",
    "category": "p2p",
    "executeRules": true
  }'

​
Response

Full response spec: Create transaction. The API returns transaction as an object (single created transaction).

​
Success Response (201 Created)

{
  "transaction": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "externalId": "txn_pix_12345",
    "organizationId": "org_uuid",
    "type": "TRANSFER",
    "status": "CREATED",
    "amount": "500.00",
    "currency": "BRL",
    "amountInUsd": "100.00",
    "exchangeRate": "0.2000000000",
    "rateSource": "ms-provider",
    "rateTimestamp": "2024-12-23T14:30:00.000Z",
    "convertedAt": "2024-12-23T14:30:01.000Z",
    "originEntityId": "customer_maria_001",
    "originExternalId": null,
    "originName": "Maria Silva",
    "originCountry": "BR",
    "originDetails": {
      "deviceId": "device_123",
      "ipAddress": "189.123.45.67",
      "country": "BR",
      "city": "SΓ£o Paulo",
      "paymentDetails": {
        "pixKey": "maria.silva@example.com",
        "pixType": "email",
        "bankName": "Banco do Brasil"
      }
    },
    "destinationEntityId": "merchant_loja_002",
    "destinationExternalId": null,
    "destinationName": "Loja Online",
    "destinationCountry": "BR",
    "destinationDetails": {
      "merchantId": "MER_002",
      "mcc": "5411",
      "paymentDetails": {
        "accountNumber": "98765",
        "accountType": "merchant",
        "bankName": "Bradesco"
      }
    },
    "riskScore": "25.50",
    "riskFactors": [
      {
        "factor": "velocity_check",
        "score": 15,
        "description": "3 transactions in the last hour"
      }
    ],
    "flagged": false,
    "description": "Purchase at Online Store",
    "category": "retail",
    "metadata": {
      "storeId": "store_002",
      "orderId": "order_789"
    },
    "transactedAt": "2024-12-23T14:30:00.000Z",
    "createdAt": "2024-12-23T14:30:01.000Z",
    "updatedAt": "2024-12-23T14:30:01.000Z"
  },
  "rulesExecutionSummary": {
    "rulesHit": [],
    "rulesNoHit": [],
    "actionsExecuted": {},
    "totalScore": 25
  }
}

​
Response Fields

​
transaction
object
The created transaction with all its data including:
  • id (string) - gu1’s internal UUID
  • externalId (string) - Your external ID
  • type (enum) - Transaction type
  • status (enum) - Transaction status
  • amount (string) - Original amount (numeric string)
  • currency (string) - Original currency code (ISO 4217)
  • amountInUsd (string | null) - Converted amount in USD
  • exchangeRate (string | null) - Exchange rate used (precision: 10 decimals)
  • rateSource (string | null) - Source of exchange rate
  • riskScore (string | null) - Risk score 0-100 (precision: 2 decimals) if rules were executed
  • riskFactors (array) - Array of risk factors identified
  • flagged (boolean) - Whether transaction was flagged for review
  • reason (string | null) - Optional outcome reason (e.g. WITHOUT_REASON, INSUFFICIENT_FUNDS); default WITHOUT_REASON when omitted
​
rulesExecutionSummary
object
At the root of the response. Only present when executeRules is true and the rules engine ran. Summary of which rules matched (hit) vs did not match (no hit), executed actions, and total score. Omitted when executeRules is false. See Rules Execution Summary for the full structure and a complete example.
  • rulesHit (array) - Rules whose conditions were met. Each item: name, description, score, priority, category, status (e.g. active, shadow), conditions (array of { field, value, operator? }), actions (alerts, suggestion, status, assignedUser).
  • rulesNoHit (array) - Rules that were evaluated but conditions were not met. Same structure as rulesHit (includes configured actions, not executed).
  • actionsExecuted (object) - Aggregated executed actions across all rules that hit: alerts (array of { name?, type?, severity?, description? }), suggestion (BLOCK | SUSPEND | FLAG, highest weight), status (entity status applied, if any), assignedUser ({ userId }, if any), customKeys (array of strings, optional) β€” custom action keys from rules that matched (e.g. require_kyc, flag_for_review). Present when any matched rule has a custom action with a key; used for integrations/workflows.
  • totalScore (number) - Sum of score of all rules that hit and are not in shadow status.

​
Transaction Status Values

The transaction status follows a state machine model with open and closed states:

​
Open States (Can Transition)

StatusDescriptionCan Transition To
CREATEDTransaction created (initial state)PROCESSING, SUSPENDED, SENT, EXPIRED, DECLINED, SUCCESSFUL
PROCESSINGTransaction being processedSUSPENDED, SENT, EXPIRED, DECLINED, REFUNDED, SUCCESSFUL
SUSPENDEDTransaction temporarily suspendedPROCESSING, SENT, EXPIRED, DECLINED, REFUNDED, SUCCESSFUL

​
Closed States (Final)

StatusDescriptionNote
SENTTransaction sent/transmittedFinal state - no further transitions
EXPIREDTransaction expiredFinal state - no further transitions
DECLINEDTransaction declined/rejectedFinal state - no further transitions
REFUNDEDTransaction refunded/reversedFinal state - no further transitions
SUCCESSFULTransaction completed successfullyFinal state - no further transitions
Important: Once a transaction reaches a closed state, it cannot transition back to an open state. This ensures transaction integrity and proper audit trails.

​
Risk Score Ranges

Risk score from 0 to 100 (stored with 2 decimal precision):
  • 0-30: Low risk (green)
  • 31-60: Medium risk (yellow)
  • 61-80: High risk (orange)
  • 81-100: Critical risk (red)

​
Currency Conversion Rate Sources

The rateSource field indicates how the exchange rate was obtained:
  • ms-provider: Real-time rate from currency microservice (primary source)
  • cache-fallback: Cached rate (< 1h old) when service unavailable
  • no-conversion: No conversion needed (currency is already USD)
  • null: Conversion failed or not applicable

​
Error Responses

​
400 Bad Request - Validation Error

Example 1: Missing required fields 
{
  "error": "Validation failed",
  "details": [
    {
      "path": "externalId",
      "message": "Required",
      "code": "invalid_type"
    },
    {
      "path": "amount",
      "message": "Number must be greater than 0",
      "code": "too_small"
    }
  ]
}
Example 2: Invalid paymentDetails for card (nested in originDetails) 
{
  "error": "Validation failed",
  "details": [
    {
      "path": "originDetails.paymentDetails.cardLast4",
      "message": "Card last 4 digits must be exactly 4 characters",
      "code": "invalid_length"
    },
    {
      "path": "originDetails.paymentDetails.cardBrand",
      "message": "Invalid card brand",
      "code": "invalid_string"
    }
  ]
}
Example 3: Invalid PIX details (nested in originDetails) 
{
  "error": "Validation failed",
  "details": [
    {
      "path": "originDetails.paymentDetails.pixKey",
      "message": "Required",
      "code": "invalid_type"
    },
    {
      "path": "originDetails.paymentDetails.pixType",
      "message": "Invalid PIX type",
      "code": "invalid_enum_value"
    },
    {
      "path": "originDetails.paymentDetails.bankName",
      "message": "String must contain at least 1 character(s)",
      "code": "too_small"
    }
  ]
}
Example 4: Invalid IP address in originDetails 
{
  "error": "Validation failed",
  "details": [
    {
      "path": "originDetails.ipAddress",
      "message": "Invalid IP address format",
      "code": "invalid_string"
    },
    {
      "path": "originDetails.country",
      "message": "Country must be ISO 2 letter code",
      "code": "invalid_length"
    }
  ]
}

​
400 Bad Request - Missing Organization

{
  "error": "Organization ID and User ID are required"
}

​
401 Unauthorized

{
  "error": "Unauthorized",
  "message": "Invalid or missing API key"
}

​
500 Internal Server Error

{
  "error": "Failed to create transaction",
  "details": "Database connection error"
}

​
Next Steps

Rules Configuration

Learn to create rules

Fraud Detection

Fraud detection examples

AML Monitoring

AML compliance rules

Overview

Back to overview