Create

Create a new rule

post/v2/auth_rules

Creates a new V2 Auth rule in draft mode

Body Parameters

bodyunion

One of the following 3 object variants:

Hide ParametersShow Parameters

CreateAuthRuleRequestAccountTokensobject

Hide ParametersShow Parameters

account_tokensarray of string

Account tokens to which the Auth Rule applies.

namestring

optional

Auth Rule Name

maxLength1024

parametersunion

optional

Parameters for the Auth Rule

One of the following 4 object variants:

Hide ParametersShow Parameters

conditionsarray of AuthRuleConditionConditionalBlockParameters

filtersobjectperiodunionscopeenumlimit_amountnumberlimit_countnumberVelocityLimitParams

MerchantLockParametersobject

Hide ParametersShow Parameters

merchantsarray of object

A list of merchant locks defining specific merchants or groups of merchants (based on descriptors or IDs) that the lock applies to.

Hide ParametersShow Parameters

commentstring

optional

A comment or explanation about the merchant, used internally for rule management purposes.

descriptorstring

optional

Short description of the merchant, often used to provide more human-readable context about the transaction merchant. This is typically the name or label shown on transaction summaries.

merchant_idstring

optional

Unique alphanumeric identifier for the payment card acceptor (merchant). This attribute specifies the merchant entity that will be locked or referenced for authorization rules.

Conditional3DSActionParametersobject

Hide ParametersShow Parameters

actionenum

Accepts one of the following: "DECLINE", "CHALLENGE"

The action to take if the conditions are met.

Hide ParametersShow Parameters

"DECLINE"

"CHALLENGE"

conditionsarray of object

Hide ParametersShow Parameters

attributeenum

optional

Accepts one of the following: "MCC", "COUNTRY", "CURRENCY", 5 more

The attribute to target.

The following attributes may be targeted:

• MCC: A four-digit number listed in ISO 18245. An MCC is used to classify a business by the types of goods or services it provides.
• COUNTRY: Country of entity of card acceptor. Possible values are: (1) all ISO 3166-1 alpha-3 country codes, (2) QZZ for Kosovo, and (3) ANT for Netherlands Antilles.
• CURRENCY: 3-character alphabetic ISO 4217 code for the merchant currency of the transaction.
• MERCHANT_ID: Unique alphanumeric identifier for the payment card acceptor (merchant).
• DESCRIPTOR: Short description of card acceptor.
• TRANSACTION_AMOUNT: The base transaction amount (in cents) plus the acquirer fee field in the settlement/cardholder billing currency. This is the amount the issuer should authorize against unless the issuer is paying the acquirer fee on behalf of the cardholder.
• RISK_SCORE: Network-provided score assessing risk level associated with a given authentication. Scores are on a range of 0-999, with 0 representing the lowest risk and 999 representing the highest risk. For Visa transactions, where the raw score has a range of 0-99, Lithic will normalize the score by multiplying the raw score by 10x.
• MESSAGE_CATEGORY: The category of the authentication being processed.

Hide ParametersShow Parameters

"MCC"

"COUNTRY"

"CURRENCY"

"MERCHANT_ID"

"DESCRIPTOR"

"TRANSACTION_AMOUNT"

"RISK_SCORE"

"MESSAGE_CATEGORY"

operationenum

optional

Accepts one of the following: "IS_ONE_OF", "IS_NOT_ONE_OF", "MATCHES", 3 more

The operation to apply to the attribute

Hide ParametersShow Parameters

"IS_ONE_OF"

"IS_NOT_ONE_OF"

"MATCHES"

"DOES_NOT_MATCH"

"IS_GREATER_THAN"

"IS_LESS_THAN"

valueunion

optional

Accepts one of the following: string, number, array of string

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Hide ParametersShow Parameters

Regexstring

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Numbernumber

A number, to be used with IS_GREATER_THAN or IS_LESS_THAN

ListOfStringsarray of string

An array of strings, to be used with IS_ONE_OF or IS_NOT_ONE_OF

typeenum

optional

Accepts one of the following: "CONDITIONAL_BLOCK", "VELOCITY_LIMIT", "MERCHANT_LOCK", "CONDITIONAL_3DS_ACTION"

The type of Auth Rule. Effectively determines the event stream during which it will be evaluated.

• CONDITIONAL_BLOCK: AUTHORIZATION event stream.
• VELOCITY_LIMIT: AUTHORIZATION event stream.
• MERCHANT_LOCK: AUTHORIZATION event stream.
• CONDITIONAL_3DS_ACTION: THREE_DS_AUTHENTICATION event stream.

Hide ParametersShow Parameters

"CONDITIONAL_BLOCK"

"VELOCITY_LIMIT"

"MERCHANT_LOCK"

"CONDITIONAL_3DS_ACTION"

CreateAuthRuleRequestCardTokensobject

Hide ParametersShow Parameters

card_tokensarray of string

Card tokens to which the Auth Rule applies.

namestring

optional

Auth Rule Name

maxLength1024

parametersunion

optional

Parameters for the Auth Rule

One of the following 4 object variants:

Hide ParametersShow Parameters

conditionsarray of AuthRuleConditionConditionalBlockParameters

filtersobjectperiodunionscopeenumlimit_amountnumberlimit_countnumberVelocityLimitParams

MerchantLockParametersobject

Hide ParametersShow Parameters

merchantsarray of object

A list of merchant locks defining specific merchants or groups of merchants (based on descriptors or IDs) that the lock applies to.

Hide ParametersShow Parameters

commentstring

optional

A comment or explanation about the merchant, used internally for rule management purposes.

descriptorstring

optional

Short description of the merchant, often used to provide more human-readable context about the transaction merchant. This is typically the name or label shown on transaction summaries.

merchant_idstring

optional

Unique alphanumeric identifier for the payment card acceptor (merchant). This attribute specifies the merchant entity that will be locked or referenced for authorization rules.

Conditional3DSActionParametersobject

Hide ParametersShow Parameters

actionenum

Accepts one of the following: "DECLINE", "CHALLENGE"

The action to take if the conditions are met.

Hide ParametersShow Parameters

"DECLINE"

"CHALLENGE"

conditionsarray of object

Hide ParametersShow Parameters

attributeenum

optional

Accepts one of the following: "MCC", "COUNTRY", "CURRENCY", 5 more

The attribute to target.

The following attributes may be targeted:

• MCC: A four-digit number listed in ISO 18245. An MCC is used to classify a business by the types of goods or services it provides.
• COUNTRY: Country of entity of card acceptor. Possible values are: (1) all ISO 3166-1 alpha-3 country codes, (2) QZZ for Kosovo, and (3) ANT for Netherlands Antilles.
• CURRENCY: 3-character alphabetic ISO 4217 code for the merchant currency of the transaction.
• MERCHANT_ID: Unique alphanumeric identifier for the payment card acceptor (merchant).
• DESCRIPTOR: Short description of card acceptor.
• TRANSACTION_AMOUNT: The base transaction amount (in cents) plus the acquirer fee field in the settlement/cardholder billing currency. This is the amount the issuer should authorize against unless the issuer is paying the acquirer fee on behalf of the cardholder.
• RISK_SCORE: Network-provided score assessing risk level associated with a given authentication. Scores are on a range of 0-999, with 0 representing the lowest risk and 999 representing the highest risk. For Visa transactions, where the raw score has a range of 0-99, Lithic will normalize the score by multiplying the raw score by 10x.
• MESSAGE_CATEGORY: The category of the authentication being processed.

Hide ParametersShow Parameters

"MCC"

"COUNTRY"

"CURRENCY"

"MERCHANT_ID"

"DESCRIPTOR"

"TRANSACTION_AMOUNT"

"RISK_SCORE"

"MESSAGE_CATEGORY"

operationenum

optional

Accepts one of the following: "IS_ONE_OF", "IS_NOT_ONE_OF", "MATCHES", 3 more

The operation to apply to the attribute

Hide ParametersShow Parameters

"IS_ONE_OF"

"IS_NOT_ONE_OF"

"MATCHES"

"DOES_NOT_MATCH"

"IS_GREATER_THAN"

"IS_LESS_THAN"

valueunion

optional

Accepts one of the following: string, number, array of string

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Hide ParametersShow Parameters

Regexstring

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Numbernumber

A number, to be used with IS_GREATER_THAN or IS_LESS_THAN

ListOfStringsarray of string

An array of strings, to be used with IS_ONE_OF or IS_NOT_ONE_OF

typeenum

optional

Accepts one of the following: "CONDITIONAL_BLOCK", "VELOCITY_LIMIT", "MERCHANT_LOCK", "CONDITIONAL_3DS_ACTION"

The type of Auth Rule. Effectively determines the event stream during which it will be evaluated.

• CONDITIONAL_BLOCK: AUTHORIZATION event stream.
• VELOCITY_LIMIT: AUTHORIZATION event stream.
• MERCHANT_LOCK: AUTHORIZATION event stream.
• CONDITIONAL_3DS_ACTION: THREE_DS_AUTHENTICATION event stream.

Hide ParametersShow Parameters

"CONDITIONAL_BLOCK"

"VELOCITY_LIMIT"

"MERCHANT_LOCK"

"CONDITIONAL_3DS_ACTION"

CreateAuthRuleRequestProgramLevelobject

Hide ParametersShow Parameters

program_levelboolean

Whether the Auth Rule applies to all authorizations on the card program.

excluded_card_tokensarray of string

optional

Card tokens to which the Auth Rule does not apply.

namestring

optional

Auth Rule Name

maxLength1024

parametersunion

optional

Parameters for the Auth Rule

One of the following 4 object variants:

Hide ParametersShow Parameters

conditionsarray of AuthRuleConditionConditionalBlockParameters

filtersobjectperiodunionscopeenumlimit_amountnumberlimit_countnumberVelocityLimitParams

MerchantLockParametersobject

Hide ParametersShow Parameters

merchantsarray of object

A list of merchant locks defining specific merchants or groups of merchants (based on descriptors or IDs) that the lock applies to.

Hide ParametersShow Parameters

commentstring

optional

A comment or explanation about the merchant, used internally for rule management purposes.

descriptorstring

optional

Short description of the merchant, often used to provide more human-readable context about the transaction merchant. This is typically the name or label shown on transaction summaries.

merchant_idstring

optional

Unique alphanumeric identifier for the payment card acceptor (merchant). This attribute specifies the merchant entity that will be locked or referenced for authorization rules.

Conditional3DSActionParametersobject

Hide ParametersShow Parameters

actionenum

Accepts one of the following: "DECLINE", "CHALLENGE"

The action to take if the conditions are met.

Hide ParametersShow Parameters

"DECLINE"

"CHALLENGE"

conditionsarray of object

Hide ParametersShow Parameters

attributeenum

optional

Accepts one of the following: "MCC", "COUNTRY", "CURRENCY", 5 more

The attribute to target.

The following attributes may be targeted:

• MCC: A four-digit number listed in ISO 18245. An MCC is used to classify a business by the types of goods or services it provides.
• COUNTRY: Country of entity of card acceptor. Possible values are: (1) all ISO 3166-1 alpha-3 country codes, (2) QZZ for Kosovo, and (3) ANT for Netherlands Antilles.
• CURRENCY: 3-character alphabetic ISO 4217 code for the merchant currency of the transaction.
• MERCHANT_ID: Unique alphanumeric identifier for the payment card acceptor (merchant).
• DESCRIPTOR: Short description of card acceptor.
• TRANSACTION_AMOUNT: The base transaction amount (in cents) plus the acquirer fee field in the settlement/cardholder billing currency. This is the amount the issuer should authorize against unless the issuer is paying the acquirer fee on behalf of the cardholder.
• RISK_SCORE: Network-provided score assessing risk level associated with a given authentication. Scores are on a range of 0-999, with 0 representing the lowest risk and 999 representing the highest risk. For Visa transactions, where the raw score has a range of 0-99, Lithic will normalize the score by multiplying the raw score by 10x.
• MESSAGE_CATEGORY: The category of the authentication being processed.

Hide ParametersShow Parameters

"MCC"

"COUNTRY"

"CURRENCY"

"MERCHANT_ID"

"DESCRIPTOR"

"TRANSACTION_AMOUNT"

"RISK_SCORE"

"MESSAGE_CATEGORY"

operationenum

optional

Accepts one of the following: "IS_ONE_OF", "IS_NOT_ONE_OF", "MATCHES", 3 more

The operation to apply to the attribute

Hide ParametersShow Parameters

"IS_ONE_OF"

"IS_NOT_ONE_OF"

"MATCHES"

"DOES_NOT_MATCH"

"IS_GREATER_THAN"

"IS_LESS_THAN"

valueunion

optional

Accepts one of the following: string, number, array of string

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Hide ParametersShow Parameters

Regexstring

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Numbernumber

A number, to be used with IS_GREATER_THAN or IS_LESS_THAN

ListOfStringsarray of string

An array of strings, to be used with IS_ONE_OF or IS_NOT_ONE_OF

typeenum

optional

Accepts one of the following: "CONDITIONAL_BLOCK", "VELOCITY_LIMIT", "MERCHANT_LOCK", "CONDITIONAL_3DS_ACTION"

The type of Auth Rule. Effectively determines the event stream during which it will be evaluated.

• CONDITIONAL_BLOCK: AUTHORIZATION event stream.
• VELOCITY_LIMIT: AUTHORIZATION event stream.
• MERCHANT_LOCK: AUTHORIZATION event stream.
• CONDITIONAL_3DS_ACTION: THREE_DS_AUTHENTICATION event stream.

Hide ParametersShow Parameters

"CONDITIONAL_BLOCK"

"VELOCITY_LIMIT"

"MERCHANT_LOCK"

"CONDITIONAL_3DS_ACTION"

Returns

tokenstring

Auth Rule Token

formatuuid

account_tokensarray of string

Account tokens to which the Auth Rule applies.

card_tokensarray of string

Card tokens to which the Auth Rule applies.

current_versionobject

Hide ParametersShow Parameters

parametersunion

Parameters for the Auth Rule

One of the following 4 object variants:

Hide ParametersShow Parameters

conditionsarray of AuthRuleConditionConditionalBlockParameters

filtersobjectperiodunionscopeenumlimit_amountnumberlimit_countnumberVelocityLimitParams

MerchantLockParametersobject

Hide ParametersShow Parameters

merchantsarray of object

A list of merchant locks defining specific merchants or groups of merchants (based on descriptors or IDs) that the lock applies to.

Hide ParametersShow Parameters

commentstring

optional

A comment or explanation about the merchant, used internally for rule management purposes.

descriptorstring

optional

Short description of the merchant, often used to provide more human-readable context about the transaction merchant. This is typically the name or label shown on transaction summaries.

merchant_idstring

optional

Unique alphanumeric identifier for the payment card acceptor (merchant). This attribute specifies the merchant entity that will be locked or referenced for authorization rules.

Conditional3DSActionParametersobject

Hide ParametersShow Parameters

actionenum

Accepts one of the following: "DECLINE", "CHALLENGE"

The action to take if the conditions are met.

Hide ParametersShow Parameters

"DECLINE"

"CHALLENGE"

conditionsarray of object

Hide ParametersShow Parameters

attributeenum

optional

Accepts one of the following: "MCC", "COUNTRY", "CURRENCY", 5 more

The attribute to target.

The following attributes may be targeted:

• MCC: A four-digit number listed in ISO 18245. An MCC is used to classify a business by the types of goods or services it provides.
• COUNTRY: Country of entity of card acceptor. Possible values are: (1) all ISO 3166-1 alpha-3 country codes, (2) QZZ for Kosovo, and (3) ANT for Netherlands Antilles.
• CURRENCY: 3-character alphabetic ISO 4217 code for the merchant currency of the transaction.
• MERCHANT_ID: Unique alphanumeric identifier for the payment card acceptor (merchant).
• DESCRIPTOR: Short description of card acceptor.
• TRANSACTION_AMOUNT: The base transaction amount (in cents) plus the acquirer fee field in the settlement/cardholder billing currency. This is the amount the issuer should authorize against unless the issuer is paying the acquirer fee on behalf of the cardholder.
• RISK_SCORE: Network-provided score assessing risk level associated with a given authentication. Scores are on a range of 0-999, with 0 representing the lowest risk and 999 representing the highest risk. For Visa transactions, where the raw score has a range of 0-99, Lithic will normalize the score by multiplying the raw score by 10x.
• MESSAGE_CATEGORY: The category of the authentication being processed.

Hide ParametersShow Parameters

"MCC"

"COUNTRY"

"CURRENCY"

"MERCHANT_ID"

"DESCRIPTOR"

"TRANSACTION_AMOUNT"

"RISK_SCORE"

"MESSAGE_CATEGORY"

operationenum

optional

Accepts one of the following: "IS_ONE_OF", "IS_NOT_ONE_OF", "MATCHES", 3 more

The operation to apply to the attribute

Hide ParametersShow Parameters

"IS_ONE_OF"

"IS_NOT_ONE_OF"

"MATCHES"

"DOES_NOT_MATCH"

"IS_GREATER_THAN"

"IS_LESS_THAN"

valueunion

optional

Accepts one of the following: string, number, array of string

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Hide ParametersShow Parameters

Regexstring

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Numbernumber

A number, to be used with IS_GREATER_THAN or IS_LESS_THAN

ListOfStringsarray of string

An array of strings, to be used with IS_ONE_OF or IS_NOT_ONE_OF

versionnumber

The version of the rule, this is incremented whenever the rule's parameters change.

draft_versionobject

Hide ParametersShow Parameters

parametersunion

Parameters for the Auth Rule

One of the following 4 object variants:

Hide ParametersShow Parameters

conditionsarray of AuthRuleConditionConditionalBlockParameters

filtersobjectperiodunionscopeenumlimit_amountnumberlimit_countnumberVelocityLimitParams

MerchantLockParametersobject

Hide ParametersShow Parameters

merchantsarray of object

A list of merchant locks defining specific merchants or groups of merchants (based on descriptors or IDs) that the lock applies to.

Hide ParametersShow Parameters

commentstring

optional

A comment or explanation about the merchant, used internally for rule management purposes.

descriptorstring

optional

Short description of the merchant, often used to provide more human-readable context about the transaction merchant. This is typically the name or label shown on transaction summaries.

merchant_idstring

optional

Unique alphanumeric identifier for the payment card acceptor (merchant). This attribute specifies the merchant entity that will be locked or referenced for authorization rules.

Conditional3DSActionParametersobject

Hide ParametersShow Parameters

actionenum

Accepts one of the following: "DECLINE", "CHALLENGE"

The action to take if the conditions are met.

Hide ParametersShow Parameters

"DECLINE"

"CHALLENGE"

conditionsarray of object

Hide ParametersShow Parameters

attributeenum

optional

Accepts one of the following: "MCC", "COUNTRY", "CURRENCY", 5 more

The attribute to target.

The following attributes may be targeted:

• MCC: A four-digit number listed in ISO 18245. An MCC is used to classify a business by the types of goods or services it provides.
• COUNTRY: Country of entity of card acceptor. Possible values are: (1) all ISO 3166-1 alpha-3 country codes, (2) QZZ for Kosovo, and (3) ANT for Netherlands Antilles.
• CURRENCY: 3-character alphabetic ISO 4217 code for the merchant currency of the transaction.
• MERCHANT_ID: Unique alphanumeric identifier for the payment card acceptor (merchant).
• DESCRIPTOR: Short description of card acceptor.
• TRANSACTION_AMOUNT: The base transaction amount (in cents) plus the acquirer fee field in the settlement/cardholder billing currency. This is the amount the issuer should authorize against unless the issuer is paying the acquirer fee on behalf of the cardholder.
• RISK_SCORE: Network-provided score assessing risk level associated with a given authentication. Scores are on a range of 0-999, with 0 representing the lowest risk and 999 representing the highest risk. For Visa transactions, where the raw score has a range of 0-99, Lithic will normalize the score by multiplying the raw score by 10x.
• MESSAGE_CATEGORY: The category of the authentication being processed.

Hide ParametersShow Parameters

"MCC"

"COUNTRY"

"CURRENCY"

"MERCHANT_ID"

"DESCRIPTOR"

"TRANSACTION_AMOUNT"

"RISK_SCORE"

"MESSAGE_CATEGORY"

operationenum

optional

Accepts one of the following: "IS_ONE_OF", "IS_NOT_ONE_OF", "MATCHES", 3 more

The operation to apply to the attribute

Hide ParametersShow Parameters

"IS_ONE_OF"

"IS_NOT_ONE_OF"

"MATCHES"

"DOES_NOT_MATCH"

"IS_GREATER_THAN"

"IS_LESS_THAN"

valueunion

optional

Accepts one of the following: string, number, array of string

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Hide ParametersShow Parameters

Regexstring

A regex string, to be used with MATCHES or DOES_NOT_MATCH

Numbernumber

A number, to be used with IS_GREATER_THAN or IS_LESS_THAN

ListOfStringsarray of string

An array of strings, to be used with IS_ONE_OF or IS_NOT_ONE_OF

versionnumber

The version of the rule, this is incremented whenever the rule's parameters change.

event_streamenum

Accepts one of the following: "AUTHORIZATION", "THREE_DS_AUTHENTICATION"

The type of event stream the Auth rule applies to.

Hide ParametersShow Parameters

"AUTHORIZATION"

"THREE_DS_AUTHENTICATION"

namestring

Auth Rule Name

maxLength1024

program_levelboolean

Whether the Auth Rule applies to all authorizations on the card program.

stateenum

Accepts one of the following: "ACTIVE", "INACTIVE"

The state of the Auth Rule

Hide ParametersShow Parameters

"ACTIVE"

"INACTIVE"

typeenum

Accepts one of the following: "CONDITIONAL_BLOCK", "VELOCITY_LIMIT", "MERCHANT_LOCK", "CONDITIONAL_3DS_ACTION"

The type of Auth Rule. Effectively determines the event stream during which it will be evaluated.

• CONDITIONAL_BLOCK: AUTHORIZATION event stream.
• VELOCITY_LIMIT: AUTHORIZATION event stream.
• MERCHANT_LOCK: AUTHORIZATION event stream.
• CONDITIONAL_3DS_ACTION: THREE_DS_AUTHENTICATION event stream.

Hide ParametersShow Parameters

"CONDITIONAL_BLOCK"

"VELOCITY_LIMIT"

"MERCHANT_LOCK"

"CONDITIONAL_3DS_ACTION"

excluded_card_tokensarray of string

optional

Card tokens to which the Auth Rule does not apply.

Request example Request

curl https://api.lithic.com/v2/auth_rules \
    -H 'Content-Type: application/json' \
    -H "Authorization: $LITHIC_API_KEY" \
    -d '{
      "account_tokens": [
        "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e"
      ]
    }'

200 Example

{
  "token": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
  "account_tokens": [
    "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e"
  ],
  "card_tokens": [
    "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e"
  ],
  "current_version": {
    "parameters": {
      "conditions": [
        {
          "attribute": "MCC",
          "operation": "IS_ONE_OF",
          "value": "string"
        }
      ]
    }
  },
  "draft_version": {
    "parameters": {
      "conditions": [
        {
          "attribute": "MCC",
          "operation": "IS_ONE_OF",
          "value": "string"
        }
      ]
    }
  },
  "event_stream": "AUTHORIZATION",
  "name": "name",
  "program_level": true,
  "state": "ACTIVE",
  "type": "CONDITIONAL_BLOCK",
  "excluded_card_tokens": [
    "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e"
  ]
}