GuideCore APIOperationsComponents

Authorization Controls

Allow and block lists that shape which transactions are approved.

An authorization control limits spending by specified users at specified merchants. You can limit spending at a single merchant or at a group of merchants, and you can limit spending by a single user, users with a particular card product, or all users.

You can block spending at all merchants by default and then allow it for specific merchants, or you can allow spending at all merchants by default and block it at specific merchants.

Tip
See Controlling Spending for a tutorial that walks you through the creation of a spend control, as well as links to more information about merchant category codes.

Create authorization control

Action: POST
Endpoint: /authcontrols

Limit where a user can make transactions to a single merchant or group of merchants. If multiple authorization controls apply to the same user, the limits of all controls are combined.

Request body

Mirrored from the Marqeta reference and truncated here so the MDX compile stays cheap while we demo the devdocs.dev skin. The full parameter table / response schema for this endpoint will be rendered from OpenAPI once the fumadocs-openapi integration lands.

Authentication

How Core API requests are authenticated with HTTP Basic auth.

Users

User resources representing cardholders on your program.