# GET /api/v1/businesses/{business_id}/cfo-portal/debt-schedule/instruments/{instrument_id}/covenants

> List covenants for a debt instrument

- **Tag:** cfo-portal
- **Operation ID:** `cfo_portal_list_debt_covenants_api_v1_businesses__business_id__cfo_portal_debt_schedule_instruments__instrument_id__covenants_get`

## Description

List financial covenants attached to a debt instrument.

## Authentication

Bearer token in `Authorization` header.
Required header: `x-business-id: <business uuid>`.

## Parameters

- `business_id` (path, string, required)
- `instrument_id` (path, string, required)

## Responses

### 200 — Successful Response

Schema: `SuccessEnvelope_list_DebtCovenantResponse__`

- `success` (boolean)
- `message` (string)
- `code` (string)
- `data` (array · DebtCovenantResponse)

### 401 — Unauthorized - Authentication required

### 403 — Forbidden - Insufficient permissions

### 404 — Not Found - Resource does not exist

### 422 — Validation Error

Schema: `HTTPValidationError`

- `detail` (array · ValidationError) → `ValidationError`
  - `loc` (array · string | integer · required)
  - `msg` (string · required)
  - `type` (string · required)
  - `input` (object)
  - `ctx` (object)

## Code samples

### cURL

```bash
curl -X GET 'https://api.ondayzero.com/api/v1/businesses/{business_id}/cfo-portal/debt-schedule/instruments/{instrument_id}/covenants' \
  -H 'Authorization: Bearer dz_your_token' \
  -H 'x-business-id: YOUR_BUSINESS_ID'
```

### JavaScript

```javascript
const response = await fetch('https://api.ondayzero.com/api/v1/businesses/{business_id}/cfo-portal/debt-schedule/instruments/{instrument_id}/covenants', {
  method: 'GET',
  headers: {
    Authorization: 'Bearer dz_your_token',
    'x-business-id': 'YOUR_BUSINESS_ID',
  },
});
const data = await response.json();
```

### Python

```python
import httpx

headers = {
    "Authorization": "Bearer dz_your_token",
    "x-business-id": "YOUR_BUSINESS_ID",
}

response = httpx.get("https://api.ondayzero.com/api/v1/businesses/{business_id}/cfo-portal/debt-schedule/instruments/{instrument_id}/covenants", headers=headers)
data = response.json()
```

## See also

- HTML version: https://www.ondayzero.com/docs/reference/cfo-portal/cfo-portal-list-debt-covenants
- OpenAPI slice: https://www.ondayzero.com/docs/reference/cfo-portal/cfo-portal-list-debt-covenants/openapi.json
- Other endpoints in **cfo-portal**: https://www.ondayzero.com/docs/reference/cfo-portal