curl --request GET \
--url https://api.next.orenda.finance/applications/search \
--header 'Authorization: Bearer <token>'const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.next.orenda.finance/applications/search', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));import requests
url = "https://api.next.orenda.finance/applications/search"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text){
"success": true,
"result": {
"total": 2,
"data": [
{
"applicationId": "a1b2c3d4-0000-4a1b-9c2d-111122223333",
"customerId": "c9f8e7d6-1111-4b2c-8d3e-444455556666",
"email": "ada@example.com",
"isCompany": false,
"workflowStage": "CUSTOMER",
"currentStep": "RISK_COMPLIANCE_REVIEW_RFI",
"clientReference": "REF-00891",
"createdDateTime": "2026-05-12T09:31:04.000Z"
},
{
"applicationId": "b2c3d4e5-0000-4a1b-9c2d-777788889999",
"customerId": "d0e1f2a3-2222-4c3d-9e4f-aaaabbbbcccc",
"email": "compliance@acme-ltd.example",
"isCompany": true,
"workflowStage": "CUSTOMER",
"currentStep": "COMPLETED",
"clientReference": "REF-00892",
"createdDateTime": "2026-05-13T14:02:55.000Z"
}
]
}
}Search applications and customers
Search onboarding applications and customers. Required claim: transactions.view.
Applications versus customers are distinguished by workflowStage: customers are workflowStage=CUSTOMER with workflowStageExclude=false, while in-flight applications are workflowStage=CUSTOMER with workflowStageExclude=true.
Admin CSV exports (resultType=file) include onboarding columns (Current Step, Required Actions) and, when a compliance decision exists, Risk Compliance Action / Risk Compliance Reason. Current Step may be RISK_COMPLIANCE_REVIEW_RFI when compliance has requested information from the program.
All filters accept comma-separated values for multi-select.
curl --request GET \
--url https://api.next.orenda.finance/applications/search \
--header 'Authorization: Bearer <token>'const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.next.orenda.finance/applications/search', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));import requests
url = "https://api.next.orenda.finance/applications/search"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text){
"success": true,
"result": {
"total": 2,
"data": [
{
"applicationId": "a1b2c3d4-0000-4a1b-9c2d-111122223333",
"customerId": "c9f8e7d6-1111-4b2c-8d3e-444455556666",
"email": "ada@example.com",
"isCompany": false,
"workflowStage": "CUSTOMER",
"currentStep": "RISK_COMPLIANCE_REVIEW_RFI",
"clientReference": "REF-00891",
"createdDateTime": "2026-05-12T09:31:04.000Z"
},
{
"applicationId": "b2c3d4e5-0000-4a1b-9c2d-777788889999",
"customerId": "d0e1f2a3-2222-4c3d-9e4f-aaaabbbbcccc",
"email": "compliance@acme-ltd.example",
"isCompany": true,
"workflowStage": "CUSTOMER",
"currentStep": "COMPLETED",
"clientReference": "REF-00892",
"createdDateTime": "2026-05-13T14:02:55.000Z"
}
]
}
}Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Query Parameters
The program to scope results to. Required unless allPrograms=true is passed. Multi-program operators are bounded to their entitled programs.
Filter by customer ID. Comma-separated for multi-select.
Free-text search across indexed fields.
1-based page number. Defaults to 1.
x >= 1Maximum number of items per page.
x >= 1When true, searches across all of the operator's entitled programs instead of a single programId.
true, false Result format. json (default) returns inline results; file returns a presigned S3 CSV URL (valid 1 hour) in place of the data array.
json, file Customises the filename of the exported CSV when resultType=file.
Filter to company (true) or individual (false) applications.
true, false Onboarding workflow stage to match, e.g. CUSTOMER. Comma-separated for multi-select.
When true, the workflowStage filter is inverted (match everything except the given stage). Used to separate in-flight applications from completed customers.
true, false Filter by customer type. Comma-separated for multi-select.
When true, returns results in the risk-report format (risk/compliance-oriented columns).
true, false Filter by the program's client reference. Comma-separated for multi-select.