Skip to main content

Documentation Index

Fetch the complete documentation index at: https://conto.finance/docs/llms.txt

Use this file to discover all available pages before exploring further.

Time Window Policies

Time window policies restrict when transactions can occur based on hours and days.

Configuration (API)

Create rules via the Policy Rules API: 
curl -X POST https://conto.finance/api/policies/{policyId}/rules \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -d '{
    "rules": [
      {
        "ruleType": "TIME_WINDOW",
        "operator": "BETWEEN",
        "value": "{\"start\": \"09:00\", \"end\": \"17:00\"}",
        "action": "ALLOW"
      },
      {
        "ruleType": "DAY_OF_WEEK",
        "operator": "IN_LIST",
        "value": "[\"Mon\", \"Tue\", \"Wed\", \"Thu\", \"Fri\"]",
        "action": "ALLOW"
      }
    ]
  }'

Rule Types

TIME_WINDOW (Hours)

Restrict transactions to specific hours of the day:
PropertyDescription
ruleTypeTIME_WINDOW
operatorBETWEEN (allow within window) or NOT_BETWEEN (block within window)
valueJSON: {"start": "HH:MM", "end": "HH:MM"}
actionALLOW or DENY

DAY_OF_WEEK (Days)

Restrict transactions to specific days of the week:
PropertyDescription
ruleTypeDAY_OF_WEEK
operatorIN_LIST (allow these days) or NOT_IN_LIST (block these days)
valueJSON array: ["Mon", "Tue", "Wed", "Thu", "Fri"]
actionALLOW or DENY
Valid day values: Mon, Tue, Wed, Thu, Fri, Sat, Sun

BLACKOUT_PERIOD

Block transactions during maintenance windows or holidays: 
curl -X POST https://conto.finance/api/policies/{policyId}/rules \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -d '{
    "rules": [{
      "ruleType": "BLACKOUT_PERIOD",
      "operator": "BETWEEN",
      "value": "{\"windows\": [{\"start\": \"02:00\", \"end\": \"06:00\", \"reason\": \"Maintenance\", \"recurring\": true}]}",
      "action": "DENY"
    }]
  }'

Wallet-Level Time Windows

Time windows can also be set on the agent-wallet link. These include a timezone field that controls how hours and days are evaluated: 
{
  "agentId": "agent_abc",
  "walletId": "wallet_xyz",
  "allowedHoursStart": 9,
  "allowedHoursEnd": 17,
  "allowedDays": ["Mon", "Tue", "Wed", "Thu", "Fri"],
  "timezone": "America/New_York"
}
All wallet-level time checks are evaluated in the wallet’s configured timezone (defaults to UTC). This means a “9-17” window with timezone: "America/New_York" will correctly evaluate against Eastern Time, regardless of where the server is deployed. Uses IANA timezone names (e.g., America/Los_Angeles, Europe/London, Asia/Tokyo).

Use Cases

Business Hours

Only allow transactions during working hours
{
  "startHour": 9,
  "endHour": 18,
  "allowedDays": ["Mon", "Tue", "Wed", "Thu", "Fri"]
}

Extended Hours

Allow transactions in extended support hours
{
  "startHour": 7,
  "endHour": 22,
  "allowedDays": ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]
}

Weekends Only

For agents that operate on weekends
{
  "startHour": 0,
  "endHour": 24,
  "allowedDays": ["Sat", "Sun"]
}

24/7

No time restrictions (allow always)
{
  "startHour": 0,
  "endHour": 24,
  "allowedDays": ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]
}

Error Response

When a transaction is blocked by time window: 
{
  "status": "DENIED",
  "reasons": ["Transaction outside allowed hours"],
  "violations": [
    {
      "type": "TIME_WINDOW",
      "limit": 0,
      "current": 0,
      "message": "Transactions not allowed at 22:00 (America/New_York). Allowed hours: 9:00 - 17:00",
      "source": "wallet_limit"
    }
  ]
}

Best Practices

Set the timezone field on the agent-wallet link to match the organization’s operating timezone. Time window violations will include the timezone in the error message for clarity.
{
  "allowedHoursStart": 9,
  "allowedHoursEnd": 17,
  "timezone": "America/New_York"
}
If unset, defaults to UTC. All IANA timezone names are supported.
Align time windows with when humans are available to monitor:
  • During work hours: Standard limits
  • After hours: Stricter limits or blocked
Allow small transactions any time, but require approval after hours by assigning two policies to the agent. Conto evaluates them with AND logic.
[
  {
    "name": "Business hours",
    "policyType": "TIME_WINDOW",
    "priority": 50,
    "rules": [
      {
        "ruleType": "TIME_WINDOW",
        "operator": "BETWEEN",
        "value": "09:00-17:00",
        "action": "ALLOW"
      }
    ]
  },
  {
    "name": "After-hours approval",
    "policyType": "APPROVAL_THRESHOLD",
    "priority": 40,
    "rules": [
      {
        "ruleType": "REQUIRE_APPROVAL_ABOVE",
        "operator": "GREATER_THAN",
        "value": "50",
        "action": "REQUIRE_APPROVAL"
      }
    ]
  }
]