To create an authorization control that applies to a single user, include the user's token in the association object of your request.
For example, send the following POST request to /authcontrols to create a spend control for a single user:
{
"merchant_scope": {
"mid": "98765"
},
"association": {
"user_token": "bigbird_token"
},
"token": "my_authcontrol",
"name": "My Auth Control"
}
For more information, see Controlling Spending in Developer Guides and Authorization Controls in the Core API Reference.