American Banking Association

Access token

An alphanumeric text string uniquely assigned to a client. Use your application and client credentials to create a token and pass it to the server to get permission to use the API. See authentication, authorization, bearer token, entitlement.

Account Validation API

The Account Validation API confirms the account data matches to the account owner.


Automated Clearing House

ACH Inquiry API

The ACH Inquiry API shows the status of a payment after it is collected by the ACH processor. To check on the status of a transaction before it is collected, use the status inquiry call in the ACH Origination API.

ACH operator

The central clearing facility managed by the Federal Reserve Bank.

ACH Origination API

The ACH Origination API creates a payment and submits it to a clearing house.

ACH processor

The core processing system of the ACH Origination API that takes the incoming transactions from the originating financial institution, which are then sorted, batched, and verified.


Data records that have additional information about the payment transaction like remittance information.


Account Owner Authentication matches the account owner identity to the bank account, confirming if data is accurate when compared against the NSD.


Application Programming Interface, A documented interface between two systems to exchange information in a commonly agreed upon format.

API consumer

An authorized user of the API developer portal that has provisioned credentials (API keys) and permission to use our APIs.

API keys

Application and client credentials required to access and use our APIs. See application credentials, client credentials, keys.

Application credentials

A unique identification and password required to access the APIs. Application credentials (consumer key and consumer secret) are provided during onboarding.


Part of the entitlement process to verify your identity with KeyBank client credentials. See client credentials, entitlement, keys.


Part of the entitlement process to permit use of the APIs with application credentials. See application credentials, entitlement, keys.


Banking as a Service


Bank Administration Institute


A software method of running a series of jobs to collect and group similar queries or data sets, typically set to run automatically to a schedule. This is an effective process for running high-volume, repetitive jobs. See consolidation.

Bearer token

A unique code generated with your application and client credentials that permits use of the APIs. Use the unique code in the Authorization header when you call the API over a secure TLS connection. See access token, authentication, authorization.


Bank Identification Code


Bank Identification Number


Corporate Credit or Debit


Controlled Disbursement Account


An issued and signed digital certificate that permits the connection between servers and their resources (like applications). Certificates provide a digital signature and encrypted system information to support secure communication between servers, app to server, and human to app. You must exchange certificates with KeyBank before using our APIs.

Check Image Retrieval API

The Check Image Retrieval API collects images of every check deposited and cleared to create a searchable catalog of past transactions.


Customer Identification Number


Consumer Identification Unit


Customer Identification Exchange

Clearing house

The primary system for sending batches of electronic credit and debit transfers between banks and credit unions.


The application or site that uses KeyBank APIs. A client is controlled by verified, authenticated users who have onboarded with KeyBank. See API consumer.

Client credentials

A unique identification and password required to verify the API consumer's identity. Client credentials (client ID and client secret) are provided during onboarding.


The program instructions for the API that shows how the API request and response are in JSON format.

Code snippet

Provides small examples of code in JSON data format.


The status when the originating transaction is received by the ACH processor.


The action of grouping transactions and related data by a group a data sets. Consolidation can involve conversion from one file format to another.


Check Processing Control System


To push funds to other accounts.


Certificate signing request is an encoded message that contains the information needed by the Certificate Authority (CA) to create your certificate. This can include your name, domain, organization information, or location.


Corporate Trade Exchange

cURL command

The client URL (cURL) is a command line tool that sends data between two systems like web systems or application to server.


Demand Deposit Account


To pull funds from an account.


An item that is no longer relevant or needed. Any deprecated fields or schemas in the API specifications are removed.

Dev portal user

A user who has successfully created an account on the developer portal and can see authenticated content. See API consumer.


A domain is a group of computers and devices using the same group of resources. A domain name identified the IP address or web URL associated with those resources and can be used to authenticate use and access permissions.


Electronic Funds Transfer

Embedded Banking

A KeyBank line of business dedicated to taking traditional financial products and inserting them into non-financial software platforms to improve distribution, accessibility, and online data processing.


The digital location where the API receives requests and sends out responses. Each endpoint is a URL that gives the location of a resource on the API server.


Entitlements authenticate your identity and contain the authorization rules for the APIs you need to access. Part of the account entitlements are the API keys.


A data type set with a limited set of possible values and the value is constant.


A virtual space to test or publish a program. The environment can be configured by resources like the server or a cloud platform.


Extract, Transform, and Load


A problem during the execution of a program that affects its ability to function correctly.


Financial Alerts and Case Tracking System


The EFT system operated by the twelve US Federal Reserve Banks, commonly used by banks, credit union, and federal agencies for same-day wire fund transfers.


Financial Institution


Short for financial technology, fintech refers to any entity that uses technology to interact with financial services or automate commands in the financial industry.


Financial National Services


Federal Reserve Bank


Foreign Exchange

Health check

Connect to an API to make sure that the application endpoint can receive the request and confirm there are no interruptions to service.


A core banking system that provides real-time access to bank customer relationships to verify accounts and settle funds.


International Automated clearing house Transaction


The method for REST APIS with HTTP/S to check if a single call used multiple times has the same result.

Instant payments

Another term for real-time payments. See RTP.

Intraday Reporting API

The Intraday Reporting API presents memo transactions like deposit activity, CDA funding requirements, incoming CDA checks, incoming ACH debits and credits, incoming wires, and ACH and wire transactions for a single day in one report.

IP address

The internet protocol address is a numerical label assigned to each device or application connected to the internet. Addresses can uniquely identify devices and route data to its intended destination.


Key Business Online

Key concepts

API developer portal summary of common functions, request/response parameters, and messaging for multiple API products offered at KeyBank.


A string of letters and numbers that acts as a unique identifier to authenticate API calls. To learn more, see API security. There are two types of keys needed to access the API: consumer keys and client keys. Consumer keys to authenticate user access and verification the API consumer identity. Client keys to permit use and access of subscribed API products and services. API keys can also be used to track user engagement with the APIs like number of requests made and the type of requests.


A service provided by banks to streamline deposits for receiving financial institutions.

Micro deposits

Small amounts of money sent from one financial account to another to verify and authenticate account ownership.


Mutual Transport Layer Security; A two-way authentication mechanism that uses digital certificates signed using the PKI framework.


National Automated Clearing House Association; The governing body that oversees the ACH network.


Non-Human Identification


Notification of Change


National Shared Database is the collection of data contributed to by consumers and used to verify account owner information.


Short for Open Authorization, OAuth 2.0 is an open standard for token-based permission to access APIs.


Origination Depository Financial Institution; The financial institution of the originator.


Office of Foreign Asset Control


Online Banking


Online Delivery System


The process of becoming a KeyBank API consumer.

OpenAPI specification

A logical organization of API product code adhering to OpenAPI standards and presented in a readable file format. This language-agnostic description enables both developers and applications to discover and fully understand an APIs capabilities and parameters.


The company or business that initiates a credit (payment) transaction to the receiver (payee). Before a transaction can be sent, the originator has authorized the receiver to credit or debit their account.


Payment Assigned Reference; The PAR number is a unique identifier assigned by the ACH Product Processor. This is used to identify the transaction without exposing any sensitive consumer identification information.

Payment chain

A sequence of events to send a payment from the originator (debit party) to the receiver (credit party).


Payment Card Industry


Public Key Infrastructure


The status when a transaction is received by the ACH processor, reviewed by the ACH operator, and currently with core banking applications to secure and transfer funds. It could also indicate that the funds have been completely settled between originator and receiver.


Prearranged Payments and Deposits


This environment is ideal for fine-tuning before you go live. Use integration testing to ensure your API is functioning properly and end-to-end testing to validate your build.


Test transactions to help confirm the correct bank account information, like the penny test.

Previous Day Reporting API

The Previous Day Reporting API presents posted transactions like deposit activity, paid checks, incoming ACH debits and credits, incoming wires, and ACH and wire transactions together in one report.


The live environment where any user with web access to the application or tool can view and interact with the content/services. The production environment returns live responses with real data and real money.

Rate limiting

The number of API calls allowed in a given time period. A user may be throttled when exceeding that limit.


Receiving Depository Financial Institution is the financial institution of the receiver. The ACH operator processes the transactions and sends the funds to the financial institution before the money is posted to the receiver's account.


The individual or company that receives the funds. Before a transaction can be received, the receiver has authorized the originator to credit or debit their account.


Information returned by an API. A resource typically has multiple endpoints and methods to access the information.


REpresentational State Transfer; Sometimes referred to RESTful APIs, REST APIs is an architectural style with design principles that provide a flexible, lightweight way to integrate applications. For more information on how we've used REST APIs, read our OpenAPI spec.


When the banking application cannot process the payment, mainly due to insufficient funds, the payment is sent back to the originator.


To pull back a payment that originated erroneously. When you reverse a transaction, a debit is created on the receiver's account.


Real-Time Payment

RTP Send Payment API

The RTP Send Payment API speeds up the payment process for faster, more efficient transactions. See instant payments.


Reusable containers of parameters that can be reference in an API to complete an action or part of a set of actions.

SEC code

A three-letter code describing how an ACH transaction was authorized by the recipient.

Service agreement

A contract between KeyBank and financial businesses and applications that intend to use and integrate with KeyBank’s suite of APIs. The service agreement identifies the API products allowed, data volume, and other specifics require to ensure a proper configuration of services.


A banking process that indicates when funds have successfully and completely transferred from ODFI to RDFI.


Secure File Transfer Protocol


Dev Portal users and API consumers can demo KeyBank’s APIs by imitating a real API server and providing realistic static mock API responses to requests. In turn, the mock simulates the data the API would return, matching schema with data types, objects, and arrays. This allows for testing connectivity prior to development.

Site visitor

A user visiting the developer portal with access to public content only. See unauthenticated user.

Stop Payment API

The Stop Payment API halts the processing for check payments quickly before it is cashed.


Society of Worldwide Interbank Financial Telecommunication


Transport Layer Security


Terms of Service


Transactions Per Second

Trace number

The trace number is a unique identifier for an ACH transaction generated by the ACH Origination API. Use this number for your ACH Inquiry API requests.

Unauthenticated user

A public site visitor with view access to published content available online. This user does not have an account with KeyBank and has not started the onboarding process.


Stop an ACH payment transaction before it is collected by the ACH processor. The time window to stop an ACH payment is configurable.


Universally Unique Identifier


An event-driven notification method for one-way communication between web systems in real-time. After registration, notifications and alerts can be sent automatically upon a specific event like a payment collected or posted.


An electronic way to transfer money.

Wire Inquiry API

The Wire Inquiry API tracks the progress of a wire payment and reports its status.

Wire Origination API

The Wire Origination API initiates wire payments and reports its status.


YAML Ain't a Markup Language; A file type that converts the API code in JSON format to a user-friendly data serialization language. YAML is easier way to read and review the API specifications.