POST
/
v1
/
customers
/
{customerId}
/
accounts
/
{accountId}
/
payments
/
international
curl --request POST \
  --url https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/payments/international \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "amount": "150.00",
  "currency": "EUR",
  "reference": "Invoice 1025",
  "quoteId": "fxq_8a2c4e6f",
  "beneficiaryId": "ben_4b8e1c9d",
  "debtorViban": "LU280019400644750000",
  "purpose": "PP001",
  "chargeBearer": "SHA"
}
'
{
  "success": true,
  "data": {
    "paymentId": "p_111222333",
    "status": "PENDING",
    "message": "Payment accepted for processing."
  }
}
This sends money abroad using an FX quote. First get a quote from GET /v1/accounts/{accountId}/fx/quote, then pass its quoteId here.
International payments are an optional feature. If your program isn’t eligible, the API responds with not available. To enable international payments, contact the team.
The debtorViban must be a Luxembourg (LU) virtual IBAN — take it from the funding account’s virtualIbans in List accounts.

Extra security check for a new payee

If you send the payee details inline (instead of a saved beneficiaryId), the payment needs an extra security step. It works in two parts:
1

Send the payment

Send the payment with the payee details. The reply comes back with success: false and code: "SCA_REQUIRED", and it includes a challenge.
2

Confirm it

Send the same payment again, plus the sca challenge and a confirmation object — a passkey, a 2FA code, or a PIN (on programs with PIN step-up):
"confirmation": { "method": "totp", "totp": "123456", "accessToken": "eyJraWQiOi…" }
The payment then goes through and returns a paymentId and status.
If you use a saved payee (beneficiaryId), you skip this check and get the paymentId straight away.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Headers

Idempotency-Key
string<uuid>

Optional. Makes the request retry-safe: a retry with the same key resolves to the same resource instead of creating a duplicate. Must be a UUID, and is scoped to the authenticated customer. Preferred over any idempotencyKey body field.

Path Parameters

customerId
string
required

Customer identifier.

accountId
string
required

Account identifier. The account determines which optional features and limits apply.

Body

application/json
amount
string
required
Pattern: ^\d+(\.\d{1,2})?$
Example:

"100.00"

quoteId
string
required

From GET /v1/accounts/{accountId}/fx/quote.

Minimum string length: 1
debtorViban
string
required

International transfers only support LU virtual IBANs.

Pattern: ^LU
purpose
string
required
Example:

"PP001"

currency
string

Destination currency (ISO 4217).

Required string length: 3
reference
string
Maximum string length: 140
beneficiaryId
string

Saved beneficiary. Provide this OR beneficiary.

beneficiary
object
chargeBearer
enum<string>
Available options:
SHA,
OUR,
BEN
confirmation
Passkey · object

Step-up confirmation (SCA step-2 only). Set method to passkey, totp, or pin and include that method's fields. pin is a program capability — see Program capabilities.

sca
object

Challenge returned by SCA step-1, echoed back in step-2.

idempotencyKey
string<uuid>

Optional. Idempotency key for retry-safety (parity with batch payments). The Idempotency-Key header is preferred and overrides this field. Reusing a key with different amount/accountId/beneficiaryId returns 400; a key whose payment is still being claimed returns 409.

Response

Payment accepted, or SCA challenge required

success
boolean
Example:

true

data
object