Skip to main content
POST
/
v1
/
payout-origination
/
{format}
curl --request POST \
  --url https://api.meridian.example.com/v1/payout-origination/{format} \
  --header 'Content-Type: text/plain' \
  --header 'Idempotency-Key: <idempotency-key>' \
  --header 'X-Meridian-Api-Key: <x-meridian-api-key>' \
  --header 'X-Meridian-Program-Id: <x-meridian-program-id>' \
  --header 'X-Meridian-Signature: <api-key>' \
  --header 'X-Meridian-Timestamp: <x-meridian-timestamp>' \
  --data 'PERvY3VtZW50IHhtbG5zPSJ1cm46aXNvOnN0ZDppc286MjAwMjI6dGVjaDp4c2Q6cGFjcy4wMDguMDAxLjA4Ij48RklUb0ZJQ3N0bXJDZHRUcmY+PEdycEhkcj48TXNnSWQ+MjAyNjA0MDctMDAwMTIzPC9Nc2dJZD48L0dycEhkcj48L0ZJVG9GSUNzdG1yQ2R0VHJmPjwvRG9jdW1lbnQ+'
{
  "messageId": "msg_01JVY8Y4N9X2M6S5Q7T1",
  "transactionId": "txn_01JVY8Y4N9X2M6S5Q7T1",
  "status": "RECEIVED",
  "receivedAt": "2026-04-07T20:11:42Z"
}

Authorizations

X-Meridian-Signature
string
header
required

Meridian HMAC header authentication.

Required headers:

  • X-Meridian-Api-Key
  • X-Meridian-Program-Id
  • X-Meridian-Timestamp
  • X-Meridian-Signature

Headers

Idempotency-Key
string
required

Unique key to protect against accidental duplicate submissions

Required string length: 8 - 128
X-Meridian-Program-Id
string
required

Identifies your Meridian program. Required on all requests but not included in the canonical signing string.

Required string length: 8 - 128
X-Meridian-Api-Key
string
required

Public client key identifier used to look up the HMAC secret

Required string length: 8 - 128
X-Meridian-Timestamp
string<date-time>
required

RFC 3339 UTC timestamp used in the HMAC signing string and replay protection. Requests outside the accepted clock skew window should be rejected.

X-Meridian-Signature
string
required

HMAC-SHA256 signature of the canonical signing string. Recommended format: sha256={hex_digest}

Pattern: ^sha256=[A-Fa-f0-9]{64}$

Path Parameters

format
enum<string>
required

Message format identifier. Use pacs008 for ISO 20022 pacs.008.* XML messages or json for Base64-encoded JSON payout payloads.

Available options:
pacs008,
json

Body

text/plain

Base64 string containing the full original message payload, encoded as a single opaque document. For pacs008, the decoded payload is an ISO 20022 XML document. For json, the decoded payload is a JSON object where entityId, beneficiaryId, amount, currency, and reference are all required.

Base64-encoded string containing the full original message payload.

Minimum string length: 20
Example:

"PERvY3VtZW50IHhtbG5zPSJ1cm46aXNvOnN0ZDppc286MjAwMjI6dGVjaDp4c2Q6cGFjcy4wMDguMDAxLjA4Ij48RklUb0ZJQ3N0bXJDZHRUcmY+PEdycEhkcj48TXNnSWQ+MjAyNjA0MDctMDAwMTIzPC9Nc2dJZD48L0dycEhkcj48L0ZJVG9GSUNzdG1yQ2R0VHJmPjwvRG9jdW1lbnQ+"

Response

Message accepted for asynchronous processing

messageId
string
required

Received message id for the accepted message. Use this to correlate the original request.

Example:

"msg_01JVY8Y4N9X2M6S5Q7T1"

transactionId
string
required

Meridian-assigned identifier for the transaction created from the accepted message submission. Use this identifier to track the transaction status with the transaction APIs or webhooks.

Example:

"txn_01JVY8Y4N9X2M6S5Q7T1"

status
enum<string>
required

Initial processing state for the accepted submission.

Available options:
RECEIVED
Example:

"RECEIVED"

receivedAt
string<date-time>
required

RFC 3339 timestamp showing when Meridian accepted the message for asynchronous processing.

Example:

"2026-04-07T20:11:42Z"