Skip to main content

Time Window Policies

Time window policies restrict when transactions can occur based on hours and days. Policy-rule time windows use the server’s local time. Wallet-level time windows are evaluated in the agent-wallet link’s configurable IANA timezone, which defaults to UTC.

Configuration (API)

Create rules via the Policy Rules API:

Rule Types

TIME_WINDOW (Hours)

Restrict transactions to specific hours of the day:

DAY_OF_WEEK (Days)

Restrict transactions to specific days of the week: Valid day values: Mon, Tue, Wed, Thu, Fri, Sat, Sun

BLACKOUT_PERIOD

Block transactions during maintenance windows or holidays:

Wallet-Level Time Windows

Time windows can also be set on the agent-wallet link (POST /api/agents/{id}/wallets or PATCH /api/agents/{id}/wallets/{walletId}):
allowedHoursStart/allowedHoursEnd and allowedDays are evaluated in the link’s IANA timezone, which defaults to UTC. The timezone field can be set when linking the wallet (POST /api/agents/{id}/wallets) and changed later on the update endpoint (PATCH /api/agents/{id}/wallets/{walletId}); invalid IANA names are rejected with a 400.

Use Cases

Business Hours

Only allow transactions during working hours

Extended Hours

Allow transactions in extended support hours

Weekends Only

For agents that operate on weekends

24/7

No time restrictions (allow always)

Error Response

When a transaction is blocked by time window:

Best Practices

Set the link’s timezone to your organization’s operating timezone (for example, America/New_York) instead of converting hours to UTC by hand. With the timezone set, allowedHoursStart/allowedHoursEnd read as local business hours, daylight saving time is handled for you, and allowedDays matches the local calendar day. If you leave it unset, the link defaults to UTC. Time window violations include the evaluated timezone in the error message.
Align time windows with when humans are available to monitor:
  • During work hours: Standard limits
  • After hours: Stricter limits or blocked
Allow small transactions any time, but require approval after hours by assigning two policies to the agent. Conto evaluates them with AND logic.