Master Spend Controls
This page will show you how to set card rules
This page explains how to manage master card spend controls. The is a two step approach.
- Create master spend control
- Apply that control to new or existing cards
We only support following types of master spend controls
Master spend control can be added a default. If there is a default spend control then that spend control will be added to all the new cards created after
Be aware: Spend Controls can only be applied to certain Yordex card schemes
Speak with your Customer Success Manager to find out if your cards are eligible for master controls.
Merchant category controls
Visa and MasterCard have their own lists of merchant categories (MCC).
On the Accounts page we showed you that for most transactions we receive an MCC code:
"mcc": "7801",
"mccDescription": "merchant category description",
It's possible to only block or only allow specific categories on a card. Note, block and allow controls cannot be combined and must be one or the other.
Creating a master MCC controls:
curl {baseURL}/cards/spendcontrols/mccs
-H "Authorization:your-api-key"
-H "Content-type: application/json"
-X POST
-d '{
"allowed": true/false,
"mccs": [
{
"code": "123",
"name": "test"
}
],
"provider": "RAILSBANK",
"name": "testing",
"description": null,
"isDefault": true/false
}'
Response
{
"allowed": true/false,
"mccs": [
{
"code": "123",
"name": "test"
}
],
"bankRef": "bankId",
"id": "<spend control id>",
"provider": "RAILSBANK",
"name": "testing",
"isDefault": false/true
}
Successful requests will return a 200 response. You should save the id of the response. This id will be used to apply the spend control to the card later or to update the spend control(see below).
Updating a master MCC controls:
curl {baseURL}/cards/spendcontrols/:spendControlId/mccs
-H "Authorization:your-api-key"
-H "Content-type: application/json"
-X PUT
-d '{
"allowed": true/false,
"mccs": [
{
"code": "123",
"name": "test"
}
],
"provider": "RAILSBANK",
"name": "testing",
"description": null,
"isDefault": true/false
}'
Response
{
"allowed": true/false,
"mccs": [
{
"code": "123",
"name": "test"
}
],
"bankRef": "bankId",
"id": "<spend control id>",
"provider": "RAILSBANK",
"name": "testing",
"isDefault": false/true
}
Applying a master MCC controls to a card:
curl {baseURL}/cards/:cardId/spendcontrols
-H "Authorization:your-api-key"
-H "Content-type: application/json"
-X PATCH '{
"spendControlIds": [
"id 1",
"id 2"
]
}'
Successful requests will return a 204 response.
A full list of MCC codes can be found here.
PUT can delete previously specified MCCs
Updating spendcontrols is a PUT. That means that if you want to add one MCC to the list, you need to specify that MCC plus all previously added MCCs in the request. If you do not add previously added MCCs, they will be deleted from the list
A card can not have both allowed and not allowed lists.
MID controls
Transactions can be allowed and blocked based on the MID (merchant id). This id is assigned by the acquirers to merchants.
It's possible to only block or only allow specific categories on a card. Note, block and allow controls cannot be combined and must be one or the other.
Creating a master MID controls:
curl {baseURL}/cards/spendcontrols/mids
-H "Authorization:your-api-key"
-H "Content-type: application/json"
-X POST
-d '{
"allowed": true/false,
"mids": [
{
"code": "123",
"name": "test"
}
],
"provider": "RAILSBANK",
"name": "testing",
"description": null,
"isDefault": true/false
}'
Response
{
"allowed": true/false,
"mids": [
{
"code": "123",
"name": "test"
}
],
"bankRef": "bankId",
"id": "<spend control id>",
"provider": "RAILSBANK",
"name": "testing",
"isDefault": false/true
}
Successful requests will return a 200 response. You should save the id of the response. This id will be used to apply the spend control to the card later (see below).
Updating a master MID controls:
curl {baseURL}/cards/spendcontrols/:spendcontrolId/mids
-H "Authorization:your-api-key"
-H "Content-type: application/json"
-X PUT
-d '{
"allowed": true/false,
"mids": [
{
"code": "123",
"name": "test"
}
],
"provider": "RAILSBANK",
"name": "testing",
"description": null,
"isDefault": true/false
}'
Response
{
"allowed": true/false,
"mids": [
{
"code": "123",
"name": "test"
}
],
"bankRef": "bankId",
"id": "<spend control id>",
"provider": "RAILSBANK",
"name": "testing",
"isDefault": false/true
}
Successful requests will return a 200 response. You should save the id of the response. This id will be used to apply the spend control to the card later (see below).
Applying a master MID controls to a card:
curl {baseURL}/cards/:cardId/spendcontrols
-H "Authorization:your-api-key"
-H "Content-type: application/json"
-X PATCH '{
"spendControlIds": [
"id 1",
"id 2"
]
}'
Successful requests will return a 204 response.
Get spend controls
curl {baseURL}/cards/spendcontrols
-H "Authorization:your-api-key"
-H "Content-type: application/json"
-X GET
Response
{
"mccSpendControls": [
{
"allowed": true/false,
"mccs": [
{
"code": "6345"
}
],
"bankRef": "bankMcc1",
"id": "mcc1",
"provider": "RAILSBANK",
"name": "mcc test",
"isDefault": false/false
}
],
"midSpendControls": [
{
"allowed": false,
"mids": [
{
"code": "6345"
}
],
"bankRef": "bankMid1",
"id": "mid1",
"provider": "RAILSBANK",
"name": "mid test",
"isDefault": false
}
]
}
Updated about 2 months ago