Docs Home
Dev Essentials
PaymentsCommerceCustomersStaffMerchants
Publish
Release notes

Docs

Docs Home
Dev Essentials
Payments
Commerce
Customers
Staff
Merchants
Publish
Release notes
Overview
Build a Tip Report
Split an Online Payment
Build a Sales Report
Delayed Capture
Partial Payments
Statement Descriptions
Card Surcharges
ACH Bank Transfer Payment
Afterpay and Clearpay Payments
Cash App Payments
Cash Payments
External Payments
House Accounts
Collect Application Fees
Update Payment and Tip Amounts
Retrieve Payments
Troubleshoot
Webhooks
Refund Payments
Refund a Payment with an App Fee
Retrieve Refunds
Process an Unlinked Refund
Webhooks
Process Disputes
Test in the Sandbox
Quickstart
Take Payments for Orders
Take One-Off Payments
POS App Pairing
Monitor Square Terminals
Check Device Information
Add Payment and Checkout Features
Save Card on File
Print or Issue Receipts
Customize the Idle Screen
Confirmation Screen
Signature Capture Screen
Data Collection Screen
Menu Selection List Screen
QR Code Screen
Link and Dismiss Actions
Manage Terminal Actions
Authorize the Mobile Payments SDK
Pair and Manage Card Readers
Take a Payment
Tap to Pay on Android
Offline Payments
Handling Errors
Authorize the Mobile Payments SDK
Pair and Manage Card Readers
Take a Payment
Tap to Pay on iPhone
Offline Payments
Configure for Square Stand or Square Kiosk
Handling Errors
Migrate from Reader SDK
React Native Plugin
Flutter Plugin
How It Works
Build on Android
Build on iOS
Build on Mobile Web
Find Your Android Fingerprint
Use the API in Offline Mode
Add an Alert Dialog Helper Class
Accept E-Money Payments
Accept QR Payments
Mobile Web Technical Reference
Payments API Integration
Set Up the Web Client App
Add the SDK to the Web Client
Deploy the Application
Take a Card Payment
Apple Pay
Google Pay
Digital Wallet Payment Requests
ACH Bank Transfer
Store and Charge Bank Accounts on File
Afterpay
Cash App Pay
Take a Gift Card Payment
Take Partial Payments
Customize the Card Entry Form
Charge and Store Cards
Add a Content Security Policy
Exception Handling
Set up the Client
Deploy the Server
Install the SDK
Build on Android
Build on iOS
Google Pay
Apple Pay
Localize an Application
Gift Card Payments
Flutter Plugin
React Native Plugin
Customize the Payment Entry Form
Connect to a Backend Service
Remove the Postal Code Requirement
Troubleshoot
How It Works
Verify a Buyer
Quick Pay Checkout
Square Order Checkout
Subscription Plan Checkout
Checkout Settings
Checkout Configurations
Manage Checkout
Guidelines and Limitations
Common Pitfalls and Solutions
Subscription Plans and Variations
Manage Subscriptions
Subscription Actions and Events
Pause, Resume, or Cancel Subscriptions
Subscription Billing and Invoices
Swap Subscription Plan Variations
Create and Publish Invoices
Retrieve, List, or Search Invoices
Create or Delete Invoice Attachments
Update Invoices
Cancel or Delete Invoices
Pay or Refund Invoices
Walkthrough: Create and Publish Invoices
Manage Cards
Create a Card on File from Payment ID
Create a Card on File and Make a Payment
Create a Shared Card on File and Make a Payment
Manage Card Declines
List Payouts
Get Payout
List Payout Entries
Bank Accounts API
Bank Account API Operations
How It Works
Build with Mobile Authorization
Get Authorization Code on Command Line
Payment Methods by Country
Payments Pricing
Strong Customer Authentication
Payment Minimums

/

Payments

/

Bank Accounts API

Bank Account API Operations

Applies to: Bank Accounts API

Use the Bank Accounts API to retrieve seller bank accounts and manage customer bank accounts for ACH payment processing.

Overview
API Operations
Working with Seller Bank Accounts
Working with Customer Bank Accounts
Processing ACH Payments
Filtering and Pagination
Handling Webhooks
Error Handling
Implementation Checklist
Link to section

Overview

This guide covers the operational aspects of using the Bank Accounts API to:

  • Retrieve seller bank account information
  • Create and manage customer bank accounts for ACH payments
  • List and filter bank accounts
  • Handle bank account verification and status changes
Link to section

API Operations

Link to section

Available Endpoints

For All Bank Accounts:

For Customer Bank Accounts Only:

Link to section

Working with Seller Bank Accounts

Link to section

Retrieve Seller Bank Accounts

List all bank accounts for a specific location:

curl https://connect.squareup.com/v2/bank-accounts?location_id=LOCATION_ID \
  -H 'Square-Version: 2025-12-17' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json'
Link to section

Example Seller Bank Account Response

Link to section

Working with Customer Bank Accounts

Link to section

Create a Customer Bank Account

To create a customer bank account, you'll need a source_id (a bank account token) obtained from your payment form or bank account verification flow:

curl https://connect.squareup.com/v2/bank-accounts \
  -X POST \
  -H 'Square-Version: 2025-12-17' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "idempotency_key": "4e43559a-f0fd-47d3-9da2-7ea1f97d94be",
    "source_id": "bnon:CA4SEHsQwr0rx6DbWLD5BQaqMnoYAQ",
    "customer_id": "HM3B2D5JKGZ69359BTEHXM2V8M"
  }'

Note

The source_id is a bank account token (prefixed with "bnon:") that represents the tokenized bank account details. This token is typically obtained from the Web Payments SDK or other Square payment form implementations.

Link to section

Example Customer Bank Account Response

Note

Note the fingerprint field in customer bank accounts - this unique identifier helps prevent duplicate bank accounts from being created for the same customer and underlying bank account combination.

Link to section

List Customer Bank Accounts

Warning

Always include the customer_id parameter when retrieving customer bank accounts. Omitting this parameter will return the seller's bank accounts instead, potentially exposing sensitive financial information to unauthorized users (such as displaying the business owner's bank account to store employees).

The same ListBankAccounts endpoint is used for both seller and customer bank accounts. The customer_id parameter determines which accounts are returned:

For customer bank accounts (include customer_id):

curl https://connect.squareup.com/v2/bank-accounts?customer_id=HM3B2D5JKGZ69359BTEHXM2V8M \
  -H 'Square-Version: 2025-12-17' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json'

For seller bank accounts (omit customer_id or use location_id):

# Returns seller accounts - DO NOT use this in customer-facing interfaces
curl https://connect.squareup.com/v2/bank-accounts \
  -H 'Square-Version: 2025-12-17' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json'

Always validate that you're passing the correct customer ID, especially in point-of-sale or customer-facing applications where exposing seller bank accounts would be a serious security breach.

Link to section

Disable a Customer Bank Account

Bank accounts cannot be deleted once created, but they can be disabled to prevent further use. Disabling a bank account is the recommended approach when:

  • A customer wants to remove a bank account from their payment methods
  • A bank account has been compromised or flagged for security reasons
  • You need to prevent accidental charges to an outdated account

Once disabled, the bank account:

  • Cannot be used for new payments
  • Remains in the system for historical records and compliance
  • Will still appear in list operations but with a DISABLED status
  • Cannot be re-enabled (a new bank account must be created if needed)
curl https://connect.squareup.com/v2/bank-accounts/bact:OxfBTiXgByaXds1K4GB/disable \
  -X POST \
  -H 'Square-Version: 2025-12-17' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json'
Link to section

Processing ACH Payments

Once a customer bank account is verified, you can use it to process ACH payments:

curl https://connect.squareup.com/v2/payments \
  -X POST \
  -H 'Square-Version: 2025-12-17' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "source_id": "bact:OxfBTiXgByaXds1K4GB",
    "amount_money": {
      "amount": 5000,
      "currency": "USD"
    },
    "customer_id": "HM3B2D5JKGZ69359BTEHXM2V8M",
    "idempotency_key": "payment-key-456"
  }'

Note

The Payments API will reject attempts to charge a seller's bank account. If you accidentally pass a seller bank account ID (which has a different format than customer bank account IDs), the API returns a NOT_FOUND error. Only customer bank accounts (prefixed with "bact:") can be used as payment sources.

Link to section

Filtering and Pagination

Link to section

Filter by Account Type

When using ListBankAccounts, the response will include both seller and customer bank accounts. You can identify the type by checking for either location_id (seller accounts) or customer_id (customer accounts).

Link to section

Pagination

Use cursor-based pagination for large result sets:

curl https://connect.squareup.com/v2/bank-accounts?cursor=CURSOR_VALUE \
  -H 'Square-Version: 2025-12-17' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/json'
Link to section

Handling Webhooks

Link to section

Subscribe to Bank Account Events

Configure webhook subscriptions to receive notifications for:

  • bank_account.created - New bank account linked
  • bank_account.verified - Account verification completed
  • bank_account.disabled - Account disabled
Link to section

Example Webhook Payload

Link to section

Error Handling

Link to section

Common Error Codes

Error CodeDescriptionResolution
INVALID_CUSTOMER_IDCustomer ID doesn't existVerify customer exists before creating bank account
DUPLICATE_BANK_ACCOUNTBank account already exists for customerCheck fingerprint to avoid duplicates
VERIFICATION_REQUIREDAccount not verified for paymentsComplete verification process
BANK_ACCOUNT_DISABLEDAccount has been disabledUse a different bank account
Link to section

Verification States

Monitor the status field for verification progress:

  • VERIFICATION_IN_PROGRESS - Awaiting verification
  • VERIFIED - Ready for payments
  • DISABLED - Cannot be used
Link to section

Implementation Checklist

Link to section

For Customer Bank Accounts

  • Implement tokenization - Set up the Web Payments SDK to securely tokenize bank account details before sending them to your server.
  • Create customer profile - Ensure a customer profile exists in Square before attempting to store their bank account information.
  • Handle duplicates - Use the fingerprint field to detect and prevent creating duplicate bank accounts for the same customer.
  • Complete verification - Implement the verification flow using either micro-deposits or instant verification to activate the account.
  • Configure webhooks - Set up webhook handlers to receive notifications when bank account status changes occur.
  • Secure storage - Store the returned bank account ID securely in your database for processing future ACH payments.
  • Enable account management - Provide functionality for customers to disable bank accounts they no longer wish to use.
Link to section

For Seller Bank Accounts

  • Request permissions - Ensure your OAuth application has BANK_ACCOUNTS_READ permission to access seller bank accounts.
  • Display account info - Retrieve and display bank account information in your application's seller dashboard.
  • Support multiple locations - Handle scenarios where sellers have different bank accounts linked to different locations.
  • Monitor status changes - Implement webhook handlers to track when seller bank accounts are verified or disabled.
Link to section

Related APIs

On this page
OverviewAPI OperationsWorking with Seller Bank AccountsWorking with Customer Bank AccountsProcessing ACH PaymentsFiltering and PaginationHandling WebhooksError HandlingImplementation ChecklistRelated APIs