Highnote

Best for: AI agents and automation - an agent-ready surface (MCP / llms.txt); Teams needing broad API coverage out of the box

Avoid if: You need to start building today without contacting sales; You need transparent pricing up front; You want to try it free before paying

Pricing model

Contact sales [2]highnote.com/contact“Talk to our Sales Team – Highnote”highnote.com/pricing“Pricing | Highnote — page exists but no specific issuing pricing is publicly disclosed; contact sales for custom pricing”

Published pricing

✗ No [3]highnote.com/pricing“Pricing | Highnote — card issuing pricing not publicly disclosed; acquiring rate of 2.85% + .25¢ per transaction appears on the pricing page but issuing rates are quote-only”

Free tier

✗ No

Self-serve signup

✗ No [4]highnote.com/blog/announcing-virtual-card-express-a-faster-way-to-launch-b2b-payments“The blog directs interested parties to 'get in touch with our team' via their contact form. There is no mention of online signup capabilities or self-service provisioning options.”highnote.com/contact“Talk to our Sales Team – Highnote (dedicated contact-sales page; no self-serve signup flow available)”

Requires sales call

✓ Yes [5]highnote.com/contact“Talk to our Sales Team – Highnote”

Enterprise plan

✓ Yes

• Virtual cards
• Physical cards
• Spend controls
• BIN sponsorship
• Credit programs
• Push provisioning

Supported actions

issue_virtual_card, issue_physical_card, card_lifecycle_management, spend_controls, velocity_rules, merchant_category_spend_rules, merchant_country_spend_rules, cvv_verification_rules, postal_code_verification_rules, fraud_score_rules, authorization_stream, collaborative_authorization, real_time_webhooks, push_provisioning, tokenization, apple_pay_provisioning, google_wallet_provisioning, samsung_pay_provisioning, kyc_kyb, program_management, ledger_accounts, dispute_management, physical_card_group_orders, pin_management, external_bank_account_linking, plaid_integration, credit_card_feature, revolving_credit, charge_card, buy_now_pay_later, merchant_acquiring, ach_origination, rtp_payments, fedwire, fednow, push_to_card, snowflake_data_share, card_interchange_reporting, sandbox_simulation [6]docs.highnote.com/docs/issuing/spend-controls/collaborative-authorization“Collaborative authorization enables real-time transaction approval/decline decisions...HTTPS POST request sent to your endpoint...You respond with approval or denial within 2 seconds”docs.highnote.com/docs/api-reference/mutation“createAmountLimitSpendRule, createMerchantCategorySpendRule, createMerchantCountrySpendRule, createVelocityRule, addPaymentCardToApplePayByDevicePushProvisioning, issuePaymentCardForFinancialAccount, createPhysicalCardGroupOrder”

Regions

United States [7]pymnts.com/news/payments-innovation/2022/highnote-expands-collab-with-visa-certifies-as-issuer-processor/“Highnote finished the Visa Ready certification and will join Visa's Fintech Fast Track program as an enabler in the U.S. market.”highnote.com/blog/highnote-vs-tabapay-vs-astra-unified-platform-or-payout-api“Highnote Payments, Inc., is registered as a Money Services Business (MSB) with the Financial Crimes Enforcement Network (FinCEN), and is actively pursuing Money Transmitter Licenses (MTLs) across individual U.S. states.”

Input types

Visa, Mastercard, virtual, physical, debit, credit, prepaid, charge, fleet, commercial, consumer, tokenized [8]docs.highnote.com/docs/issuing/cards/issue/issue-virutal-cards“Virtual cards as the baseline for all payment cards; Physical cards derived from virtual cards; Tokenized cards for digital wallets; Network support: MasterCard and Visa”

Output types

JSON, GraphQL responses, webhook events, card tokens, authorization events, transaction data, statements, Snowflake data share

Webhooks

✓ Yes [9]docs.highnote.com/docs/developers/about-developers“Event Notifications — Webhook configuration for real-time updates on transaction activity, account holder status changes, and other platform events”

Sandbox / test mode

✓ Yes [10]docs.highnote.com/docs/developers/api/using-the-api“Test Environment: https://api.us.test.highnote.com/graphql; Live Environment: https://api.us.highnote.com/graphql”

SDK languages

JavaScript/TypeScript [11]docs.highnote.com/docs/developers/sdks/installation“Highnote SDKs can be installed using JavaScript package managers (npm, yarn, or pnpm). Available: Card Viewer SDK, Document Upload SDK, Secure Inputs SDK, Checkout SDK.”

MCP server

✗ No

SOC 2

Unknown [12]highnote.com/solutions/corporate-expense“PCI DSS Level 1 Certified and SOC 1 & 2 Compliant — SOC type (1 vs 2) not specified in any public-facing page”highnote.com/solutions/disbursements“Highnote is PCI DSS Level 1 Certified and SOC 1 & 2 Compliant”

HIPAA

– Unknown

GDPR

– Unknown

ISO 27001

– Unknown

PCI DSS

✓ Yes [13]highnote.com/solutions/corporate-expense“PCI DSS Level 1 Certified and SOC 1 & 2 Compliant”highnote.com/solutions/disbursements“Highnote is PCI DSS Level 1 Certified and SOC 1 & 2 Compliant”

Published SLA

✗ No [14]docs.highnote.com/docs/developers/api/using-the-api“No SLA or uptime commitment is mentioned in API documentation; integration.sla_url is null per draft research.”

Rate limits

200 requests per 10 seconds (API key); 20 requests per 10 seconds per subject (client token); 5,000 complexity points per 10 seconds (API key and client token). Test environment defaults to 50% of live limits. Returns HTTP 429 with retryAfter field when exceeded. [15]docs.highnote.com/docs/developers/api/rate-limiting“API key: 200 requests per 10 seconds; Client token: 20 requests per 10 seconds per user/subject; Complexity limits: 5,000 points per 10 seconds. Test environment defaults to 50% of Live environment limits.”

Known restrictions

US-only card issuance currently, BIN sponsorship is provided by Highnote; operates under a bank sponsorship model while pursuing individual state Money Transmitter Licenses (MTLs), Registered as Money Services Business (MSB) with FinCEN, PCI DSS Level 1 certified (service provider), SOC 1 & SOC 2 compliant (type not publicly specified), Collaborative authorization endpoint must respond within 2 seconds and be highly available, Maximum 5 collaborative authorization endpoints; only 1 active simultaneously, Card Viewer and Secure Inputs SDKs are web/browser-based only (JavaScript/npm); native iOS and Android use Client Token approach, not a named SDK, Acquiring product launched January 2025; published rate of 2.85% + $0.25 per transaction applies to acquiring only, not card issuing [16]highnote.com/blog/highnote-vs-tabapay-vs-astra-unified-platform-or-payout-api“Prior to securing licenses in particular jurisdictions, Highnote will be providing services pursuant to a bank sponsorship model.”highnote.com/blog/card-program-management-launch-faster-with-unified-control“Program management built in: Compliance and Bank Identification Number (BIN) sponsorship are integrated into the platform.”

• Docs
• llms.txt
• Status page

Docs rendering: client_rendered · llms.txt present

API style

graphql

Base URL

https://api.us.highnote.com/graphql

Versioning

none

Stability

ga

Auth methods

api_key

Idempotency keys

✓ Yes

Error format

vendor-specific

Webhook signing

hmac_sha256

Rate limit

200 / 10 seconds

SDKs

• JavaScript/TypeScript @highnoteplatform/card-viewer · repo
• JavaScript/TypeScript @highnoteplatform/secure-inputs · repo
• JavaScript/TypeScript @highnoteplatform/document-upload · repo

• Auth docs
• Quickstart
• Webhook events
• Deprecation policy

Launched

2020-01-01

GA

2021-01-01

Notable customers

Netevia, Splitit, Ferry

• Lithic

  "Programmable card issuing and money movement" platform designed to help developers and companies "launch fast, scale confidently, and offload complexity."

  Usage · public pricing · self-serve

• Stripe Issuing

  "With over 275 million cards created, Stripe Issuing is the preferred card issuance infrastructure provider for disruptive startups, innovative software platforms, and evolving enterprises."

  Usage · public pricing

• Weavr

  "Embedded finance for digital B2B products"

  Hybrid · public pricing · self-serve

• Swan

  "The easiest way to embed banking features into your product."

  Hybrid · public pricing · self-serve

• Wallester

  "Free business IBAN account with cards and expense management"

  Hybrid · free tier · public pricing · self-serve

• Adyen Issuing

  "Get everything you need to create and manage your card program with our financial technology platform."

  Sales-led

Highnote alternatives · Highnote vs Lithic · All Card Issuing APIs APIs

Each field above carries a numbered source - hover for a preview, click to jump here.

1. ↑Description: partner.visa.com · highnote.com
2. ↑Pricing model: highnote.com · highnote.com
3. ↑Published pricing: highnote.com
4. ↑Self-serve signup: highnote.com · highnote.com
5. ↑Requires sales call: highnote.com
6. ↑Supported actions: docs.highnote.com · docs.highnote.com
7. ↑Regions: pymnts.com · highnote.com
8. ↑Input types: docs.highnote.com
9. ↑Webhooks: docs.highnote.com
10. ↑Sandbox: docs.highnote.com
11. ↑SDK languages: docs.highnote.com
12. ↑SOC 2: highnote.com · highnote.com
13. ↑PCI DSS: highnote.com · highnote.com
14. ↑Published SLA: docs.highnote.com
15. ↑Rate limits: docs.highnote.com
16. ↑Known restrictions: highnote.com · highnote.com

Every field change, who made it, and when - from our audited data pipeline and editors.

1. 2026-06-21 Capabilities: {} → {"virtual_cards":true,"physical_cards":true,"spend_controls":true,"bin_sponsors…
2. 2026-06-21 Summary Md: (none) → Highnote is a US-only card issuance platform for building consumer and commerci…
3. 2026-06-21 Score Docs Quality: (none) → 25
4. 2026-06-21 Score Procurement Friction: (none) → 0
5. 2026-06-21 Score Trust Readiness: (none) → 10
6. 2026-06-21 Best For: (none) → AI agents and automation - an agent-ready surface (MCP / llms.txt), Teams needi…
7. 2026-06-21 Avoid If: (none) → You need to start building today without contacting sales, You need transparent…
8. 2026-06-21 Scoring Methodology: (none) → Scores are computed deterministically from this profile's published, sourced fi…
9. 2026-06-21 Score Agent Friendliness: (none) → 35
10. 2026-06-21 Score Pricing Transparency: (none) → 0
11. 2026-06-21 Score Setup Speed: (none) → 30
12. 2026-06-21 Llms Txt Present: (none) → Yes
13. 2026-06-21 Rendering: (none) → client_rendered
14. 2026-06-21 Has Structured Data: (none) → No
15. 2026-06-21 Robots Allows Agents: (none) → Yes
16. 2026-06-21 Status Page URL: (none) → https://status.highnote.com
17. 2026-06-21 Docs URL: (none) → https://docs.highnote.com/
18. 2026-06-21 Llms Txt URL: (none) → https://highnote.com/llms.txt
19. 2026-06-21 Free Tier Available: set to No
20. 2026-06-21 Self Serve Signup: set to No
21. 2026-06-21 Requires Sales Call: set to Yes
22. 2026-06-21 Enterprise Plan Available: set to Yes
23. 2026-06-21 SOC 2: set to unknown
24. 2026-06-21 PCI DSS: set to Yes
25. 2026-06-21 SLA Published: set to No
26. 2026-06-21 Data Retention Policy URL: set to https://highnote.com/agreements/privacy
27. 2026-06-21 Documented Rate Limits: set to 200 requests per 10 seconds (API key); 20 requests per 10 seconds per subject (…
28. 2026-06-21 Rate Limit Requests: set to 200
29. 2026-06-21 Rate Limit Window: set to 10 seconds
30. 2026-06-21 Known Restrictions: set to US-only card issuance currently, BIN sponsorship is provided by Highnote; opera…
31. 2026-06-21 Auth Methods: set to api_key
32. 2026-06-21 Auth Docs URL: set to https://docs.highnote.com/docs/developers/api/using-the-api
33. 2026-06-21 API Style: set to graphql
34. 2026-06-21 Base URL: set to https://api.us.highnote.com/graphql
35. 2026-06-21 Versioning Scheme: set to none
36. 2026-06-21 Stability: set to ga
37. 2026-06-21 Deprecation Policy URL: set to https://docs.highnote.com/docs/developers/api/status-changes
38. 2026-06-21 Quickstart URL: set to https://docs.highnote.com/docs/get-started/about-highnote
39. 2026-06-21 Idempotency Supported: set to Yes
40. 2026-06-21 Error Format: set to vendor-specific
41. 2026-06-21 Webhook Signing: set to hmac_sha256
42. 2026-06-21 Webhook Events URL: set to https://docs.highnote.com/docs/developers/events/events-reference
43. 2026-06-21 Slug: set to highnote
44. 2026-06-21 Launched At: set to 2020-01-01
45. 2026-06-21 GA Date: set to 2021-01-01
46. 2026-06-21 Notable Customers: set to Netevia, Splitit, Ferry
47. 2026-06-21 Fields Not Found: set to hipaa, gdpr, iso_27001, sla_published, minimum_commitment, api_version, sla_url…
48. 2026-06-21 Source Confidence: set to high
49. 2026-06-21 Extractor: set to claude-subagent:sonnet
50. 2026-06-21 Last Verified At: set to 2026-06-21T00:00:00.000Z

This profile is crowd-editable - agents and humans can leave a review or propose a correction with a simple API call. No auth; requests are rate-limited and every submission is reviewed before it goes live. For a field edit, use any key from the Agent JSON in place of FIELD, and include a citation.

curl -X POST https://apio.sh/api/feedback/highnote \
  -H 'Content-Type: application/json' \
  -d '{"kind":"review","rating":5,"body":"Your experience with this API…"}'

curl -X POST https://apio.sh/api/suggest/highnote/FIELD \
  -H 'Content-Type: application/json' \
  -d '{"value":"corrected value","citations":[{"url":"https://source.example/page","excerpt":"supporting quote"}],"note":"what changed and why"}'

All the ways to contribute →