Skip to main content

Testing Spending Policies

This guide focuses on policy semantics: how rules, actions, and priorities combine, and how to prove it with a three-tier threshold test that approves, requires approval, or denies payments based on amount. For environment choices (agent sandbox vs testnet), counterparty and time-window scenarios, and production migration, see Testing Payments Safely.

Prerequisites

A Conto account and organization
An active agent with a linked, funded wallet and an SDK key in CONTO_API_KEY. The Quickstart walks through creating the wallet, connecting the agent, and generating the key

What You’ll Build

Amount RangeExpected ResultPolicy
00 - 10Approved automaticallyUnder all thresholds
1010 - 15Requires approvalExceeds approval threshold
$15+DeniedExceeds max transaction amount

Step 1: Verify Your Setup

Before creating policies, confirm the agent is correctly configured:
curl https://conto.finance/api/sdk/setup \
  -H "Authorization: Bearer $CONTO_API_KEY"
This returns your agent’s profile, linked wallets, active policies, and current spend tracking. Check that:
  • agent.status is "ACTIVE"
  • wallets array is not empty
If either check fails, go back to the Quickstart.

Step 2: Create Policies

Create two policies to test different enforcement behaviors.

Policy A: Spend Limit

1

Create the policy

Go to Policies in the sidebar and click Create Policy.
  • Name: “Manual Spend Test”
  • Description: “Deny transactions over $15”
  • Policy Type: SPEND_LIMIT
2

Add a rule

FieldValue
Rule TypeMAX_AMOUNT
OperatorLTE
Value15
ActionALLOW
This allows transactions up to $15. Anything above is denied.
How rule actions work:
  • ALLOW + LTE $15 means: “Allow transactions where the amount is ≤ $15”
  • Transactions that do NOT match the ALLOW condition are implicitly denied
  • DENY + GT $15 achieves the same effect: “Deny transactions where amount > $15”
  • REQUIRE_APPROVAL + GT $10 means: “Require manual approval when amount > $10”
Think of it as: the action tells Conto what to do when the condition is true.

Policy B: Approval Threshold

1

Create the policy

  • Name: “Manual Approval Test”
  • Description: “Require approval for transactions over $10”
  • Policy Type: APPROVAL_THRESHOLD
2

Add a rule

FieldValue
Rule TypeREQUIRE_APPROVAL_ABOVE
OperatorGREATER_THAN
Value10
ActionREQUIRE_APPROVAL
Transactions over $10 require manual approval in the dashboard before they can execute.

Step 3: Assign Policies to the Agent

1

Open agent detail page

Navigate to your agent’s detail page.
2

Go to the Permissions tab

Click the Permissions tab.
3

Assign both policies

Assign “Manual Spend Test” and “Manual Approval Test” to the agent. All assigned policies are evaluated with AND logic, the most restrictive rule wins.
You can re-run the GET /api/sdk/setup call from Step 1 to confirm policies now shows both assigned policies.

Step 4: Run Test Transactions

Use curl or any HTTP client to test the three scenarios.

Test 1: $5 Payment (Expect: APPROVED)

curl -X POST https://conto.finance/api/sdk/payments/request \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 5,
    "recipientAddress": "0x1234567890abcdef1234567890abcdef12345678",
    "purpose": "Test - under all limits",
    "category": "software"
  }'
Expected response:
{
  "requestId": "cmm...",
  "status": "APPROVED",
  "currency": "pathUSD",
  "wallet": {
    "address": "0x788dD0...",
    "availableBalance": 999822
  }
}

Test 2: $12 Payment (Expect: REQUIRES_APPROVAL)

curl -X POST https://conto.finance/api/sdk/payments/request \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 12,
    "recipientAddress": "0x1234567890abcdef1234567890abcdef12345678",
    "purpose": "Test - over approval threshold"
  }'
Expected response:
{
  "requestId": "cmm...",
  "status": "REQUIRES_APPROVAL",
  "violations": [
    {
      "type": "PER_TX_LIMIT",
      "message": "[Policy: Manual Approval Test] Amount $12 exceeds approval threshold $10",
      "source": "policy_rule",
      "policyName": "Manual Approval Test"
    }
  ]
}

Test 3: $20 Payment (Expect: DENIED)

curl -X POST https://conto.finance/api/sdk/payments/request \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 20,
    "recipientAddress": "0x1234567890abcdef1234567890abcdef12345678",
    "purpose": "Test - over max amount"
  }'
Expected response:
{
  "requestId": "cmm...",
  "status": "DENIED",
  "violations": [
    {
      "type": "PER_TX_LIMIT",
      "message": "[Policy: Manual Spend Test] Transaction amount $20 exceeds limit $15",
      "source": "policy_rule",
      "policyName": "Manual Spend Test"
    }
  ]
}

Step 5: Execute an Approved Payment

If Test 1 returned APPROVED, you can execute it onchain:
curl -X POST https://conto.finance/api/sdk/payments/REQUEST_ID/execute \
  -H "Authorization: Bearer $CONTO_API_KEY"
Response includes the txHash and an explorer URL to verify onchain.

Using the SDK Instead of curl

The same three tests in TypeScript (conto.payments.request with amounts 5, 12, and 20) are shown in the Quickstart’s SDK step.

Editing Wallet Limits After Setup

If you need to change wallet spending limits after the initial setup:
  1. Go to the agent detail page
  2. Open the Overview or Wallets tab
  3. Click the pencil icon next to the wallet
  4. Update per-transaction, daily, weekly, or monthly limits
  5. Click Save Changes
If the per-transaction limit is set to $0, the wallet-level per-transaction cap is disabled. Update it to a positive value when you need a cap.

How Policy Evaluation Works

Conto evaluates wallet-level limits first, then policy rules with AND logic. The first DENY stops evaluation. Org-level policies stack with agent-level policies. See Policy Overview for the full reference.

Troubleshooting

These accordions cover policy-semantics issues. For setup issues (lost SDK keys, unfunded wallets), see the Quickstart troubleshooting; for environment and scenario issues, see Testing Payments Safely.
Multiple policies are evaluated with AND logic. If one policy denies while another would require approval, the denial takes priority. Check which policies are assigned in the Permissions tab.
Policies at the same priority level are all evaluated. If both an approval threshold (>$10) and a spend limit (>$15) match, DENY wins over REQUIRES_APPROVAL. Priority changes sort order only; it does not override a failing rule.
Org-level policies apply to all agents. If a Starter policy caps transactions at 25andyouragentpolicyallowsupto25 and your agent policy allows up to 100, the $25 cap wins. Check with your org admin.

Next Steps

Policy Types

Explore all available policy rule types

SDK Reference

Full SDK payment methods and options

Time Windows

Restrict payments to specific hours and days

Counterparties

Allowlist and blocklist recipient addresses