What can we help you with?

How do I restrict spending to a single merchant?

There are multiple ways to restrict card holder spending to a single merchant:

  • If your default authorization behavior blocks all merchants, you can use an authorization control to enable spending at a single merchant.
  • Alternatively, you can use Gateway Just-in-Time (JIT) Funding to build your own authorization logic.

Using spend controls

In a request to /authcontrols, include the merchant_scope object. Use the merchant ID you want to allow as the value for the mid field.

For example, the following request to /authcontrols creates a spend control that allows spending for a single user at the given merchant ID:

"name": "My spend control",
"association": {
"user_token": "userToken"
"merchant_scope": {
"mid": "252824676910001"
"active": true

Note: Your program’s default authorization behavior can block all merchants by default, requiring you to whitelist allowable merchants, or allow all merchants by default, requiring you to blacklist blocked merchants. Make sure you know your program’s default behavior before designing your controls.

For more information on spend controls, see Controlling Spending in the Developer Guides of Marqeta Docs.

Using Gateway JIT Funding

Gateway JIT Funding adds your system to the transaction authorization life cycle. Your system receives transaction messages in real time and must send a response indicating whether to fund or not fund each transaction.

When building your authorization decision engine, use the card_acceptor object included in transaction messages to access information about the merchant. You should design your gateway's rules so that it approves only transactions occurring at the desired merchant.

The following is an example card_acceptor object from a transaction message:

"mid": "000000000011111",
"mcc": "6411",
"name": "Chicken Tooth Music",
"street_address": "111 Main St",
"city": "Berkeley",
"country_code": "USA"

For more information, see About Just-in-Time Funding in the Developer Guides of Marqeta Docs.

Thanks for the feedback
Thanks for the feedback
Was this article helpful?

We've recieved your feedback.

Contact Developer Support
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.