The API Report CardAPI Index
Mercury

Mercury API

Business Banking / Fintech / Spend Management for Startups & SMBs · mercury.com

Mercury offers a self serve REST API on every plan covering accounts, transactions, recipients, payments, cards, treasury, and invoicing, plus HMAC signed webhooks, a CLI, and OAuth for partner apps. Tokens are per user and scoped; write scopes require IP allow listing.

Last verified: July 2026Financial Services
API GRADE
D+
VERIFIED JUL 2026

SCORECARD

ExistenceGOODREST API documented at docs.mercury.com with self-serve token generation on all plans, plus OAuth for partner apps.
AccessGOODSelf serve on all plans: free tier customers can generate scoped tokens in Settings without approval or a sales contact.
CoverageGOODCovers accounts, transactions, recipients, ACH and wire payments, statements, cards, treasury, and invoicing, plus webhooks.
AuthPOORHTTP Basic with per user tokens; write scopes force IP allow lists, and the partner OAuth flow needs Mercury's approval.
Docs & DXPOORWebhook event payload schemas are thin enough that developers inspect live events, and per endpoint rate limits go unpublished.
StabilityMIXEDThe 2025 partner bank migration off Evolve changed account and routing numbers; closures can cut API data access abruptly.
Supergood: Mercury has an API, but using it means gates, contracts, or workarounds. Ours doesn't: stable endpoints, normalized JSON, managed auth.

Frequently asked questions

Mercury scores D+ on the API Report Card. Mercury offers a self serve REST API on every plan covering accounts, transactions, recipients, payments, cards, treasury, and invoicing, plus HMAC signed webhooks, a CLI, and OAuth for partner apps. Tokens are per user and scoped; write scopes require IP allow listing.

Tried to integrate with Mercury?
SOURCES
Payment endpoints only support transfers to existing recipients, you cannot programmatically pay a new vendor in one call; the recipient must be created and (depending on amount/policy) approved first docs.mercury.com
Write-scope tokens require IP allow-listing, complicating dynamic/serverless deployments where outbound IPs are not stable mercury.com
The MCP server is read-only, AI agents can analyze accounts and transactions but cannot initiate transfers or modify recipients mercury.com
Webhook event taxonomy and per-event payload schemas are sparsely documented relative to mature fintech APIs (Stripe, Plaid); developers report needing to inspect live payloads to confirm shapes docs.mercury.com
Rate limits exist but specific per-endpoint thresholds are not prominently published, leading to surprise throttling on bulk transaction backfills apitracker.io
OAuth 2.0 partner-app flow requires Mercury approval, slowing third-party integration ship cycles docs.mercury.com
API token compromise/rotation tooling is basic, no per-token usage analytics or automatic rotation; tokens are user-bound rather than service-account-bound docs.mercury.com
Statement and document endpoints are limited; some historical statements must still be exported via the dashboard docs.mercury.com
Partner-bank migration (Evolve -> Column/Choice/Patriot) forced ACH routing-number changes that broke hardcoded integrations and required customer-side updates bankingdive.com
Sandbox/test environment is limited compared to Stripe/Plaid; many integration paths require testing against live (low-balance) accounts apitracker.io
Sudden account closures without clear explanation, with funds held for weeks or months, multiple BBB complaints document balances ranging from tens of thousands to over $100k frozen post-closure bbb.org
Opaque compliance / KYC reviews that lock accounts mid-operation; Mercury cites legal constraints on disclosing reasons support.mercury.com
Partner-bank churn, Mercury announced in March 2025 it would migrate all customers off Evolve Bank & Trust to Column, Choice, and Patriot by end of 2025, forcing routing-number and account-number changes for affected customers bankingdive.com
Spillover risk from Evolve's June 2024 Federal Reserve enforcement action and the Synapse middleware bankruptcy that previously connected Mercury to Evolve americanbanker.com
Geographic and use-case restrictions that get enforced post-onboarding (non-US founders, international wires, third-party payment facilitation, non-commercial use of business accounts) support.mercury.com
Customer support is email/chat-only with no phone line, leading to multi-day response times during closure or fraud incidents bbb.org
Xero accounting integration is one-way (Mercury -> Xero); changes in Xero do not sync back, requiring manual reconciliation support.mercury.com
NetSuite integration is gated to the paid Mercury Plus tier (~$35/month) while QuickBooks Online and Xero are free puzzle.io
QuickBooks Online sync excludes internal transfers and 'IO' payments, requiring workarounds for full GL reconciliation support.mercury.com
Credit card limits are conservative relative to Brex; underwriting is cash-balance-driven rather than revenue/spend-pattern-driven brex.com
FDIC sweep coverage caps at ~$5M across partner banks, lower than Brex's advertised ~$6M ceiling ramp.com