Spend Controls
Retrieve profile spend limits
Retrieves the profile limits.
Limit details are defined as follows:
| Field | Description | Format |
|---|---|---|
| type | Card limit type. Allowed Values: TRANSACTION, DAILY, MONTHLY, LIFETIME | Text |
| usage | How much was used so far | Decimal |
| threshold | Threshold of the limit | Decimal |
| currency | Limit currency | Text |
| expiresAt | Date & time when a limit will reset | Text |
curl -X GET 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/spending-limits' \-H 'Authorization: Bearer {{API token}}'
{"spendings": [{"type": "ATM_WITHDRAWAL","limits": [{"type": "TRANSACTION","usage": 0,"threshold": 1750,"currency": "SGD","expiresAt": null},{"type": "DAILY","usage": 0,"threshold": 2700,"currency": "SGD","expiresAt": "2022-12-15T16:00:00Z"},{"type": "MONTHLY","usage": 0,"threshold": 5250,"currency": "SGD","expiresAt": "2022-12-31T16:00:00Z"}]},{"type": "ECOM_PURCHASE","limits": [{"type": "TRANSACTION","usage": 0,"threshold": 17500,"currency": "SGD","expiresAt": null},{"type": "DAILY","usage": 0,"threshold": 17500,"currency": "SGD","expiresAt": "2022-12-15T16:00:00Z"},{"type": "MONTHLY","usage": 0,"threshold": 35000,"currency": "SGD","expiresAt": "2022-12-31T16:00:00Z"}]},{"type": "CHIP_WALLET_PURCHASE","limits": [{"type": "TRANSACTION","usage": 0,"threshold": 4300,"currency": "SGD","expiresAt": null},{"type": "DAILY","usage": 0,"threshold": 5300,"currency": "SGD","expiresAt": "2022-12-15T16:00:00Z"},{"type": "MONTHLY","usage": 0,"threshold": 17500,"currency": "SGD","expiresAt": "2022-12-31T16:00:00Z"}]},{"type": "CONTACTLESS_PURCHASE","limits": [{"type": "TRANSACTION","usage": 0,"threshold": 900,"currency": "SGD","expiresAt": null},{"type": "DAILY","usage": 0,"threshold": 900,"currency": "SGD","expiresAt": "2022-12-15T16:00:00Z"},{"type": "MONTHLY","usage": 0,"threshold": 7000,"currency": "SGD","expiresAt": "2022-12-31T16:00:00Z"}]},{"type": "MAGSTRIPE_PURCHASE","limits": [{"type": "TRANSACTION","usage": 0,"threshold": 550,"currency": "SGD","expiresAt": null},{"type": "DAILY","usage": 0,"threshold": 700,"currency": "SGD","expiresAt": "2022-12-15T16:00:00Z"},{"type": "MONTHLY","usage": 0,"threshold": 2100,"currency": "SGD","expiresAt": "2022-12-31T16:00:00Z"}]}]}
Adding an authorization rule
A rule is an instruction to Wise that dictates which transactions should be declined or approved. Defining a rule has no practical implication until it is applied to a particular CARD/PROFILE or every card, which is achieved by applying a rule to a PARTNER.
The id of a rule is unique and will refer to this rule in any further call.
The parameters for the creation of rules are as follows:
| Field | Description | Format |
|---|---|---|
| type | Allowed Values: MCC, CURRENCY | Text |
| operation | Defines whether the given values will be allowed or blocked. Allowed Values: ALLOW, BLOCK | Text |
| description [optional] | Textual description of a rule, has no practical implication | Text |
| values | The list of values to block or to approve | Array of Text |
curl -X POST 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/spend-controls/rule/authorisation' \-H 'Authorization: Bearer {{API token}}' \-H 'Content-Type: application/json' \-d '{"description": "my first test rule","type": "MCC","operation": "ALLOW","values": ["1234", "5678"]}'
{"id": 110000000,"description": "my first test rule","type": "MCC","operation": "ALLOW","values": ["1234","5678"]}
Delete an authorization rule
Deletes an existent rule. Rule deletion is only possible if a rule does not apply to any scope. If a rule was already applied to a scope, unapply should be invoked prior to the rule deletion.
HTTP response code should be assessed to verify the success or failure of this call.
curl -X DELETE 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/spend-controls/rule/authorisation/{{ruleId}}' \-H 'Authorization: Bearer {{API token}}' \-H 'Content-Type: application/json'
List existing authorization rules
Lists all the defined rules. The list will include all the rules whether these were applied to a scope or not.
curl -X GET 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/spend-controls/rule/authorisation' \-H 'Authorization: Bearer {{API token}}'
[{"id": 1,"description": "gambling blacklisting","type": "MCC","operation": "BLOCK","values": ["7801","7802","7995","9754"]}]
Apply an authorization rule
The following endpoint applies a defined rule to a give scope (card/profile or partner). This will result in a rule being evaluated against every incoming card authorisation request for the given CARD/PROFILE/PARTNER.
HTTP response code should be assessed to verify the success or failure of this call.
The parameters for the apply endpoint are as follows:
| Field | Description | Format |
|---|---|---|
| ruleId | The ID of a previously created rule | Text |
| scope | Defines the scope to which a rule would apply to. Allowed Values: CARD, PROFILE, PARTNER | Text |
| scopeId | The id of the scope defined above. It should be cardToken for CARD scope, prrofileId for PROFILE scope or clientId for PARTNER scope | Text |
curl -X POST 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/spend-controls/rule/apply' \-H 'Authorization: Bearer {{API token}}' \-H 'Content-Type: application/json' \-d '{"ruleId": 110000000000,"scope: "CARD","scopeId": "30000000000"}'
Unapply an authorization rule
This endpoint reverses the apply endpoint and it's invocation will result in removing a rule from a given scope.
HTTP response code should be assessed to verify the success or failure of this call.
The parameters for the unapply endpoint are as follows:
| Field | Description | Format |
|---|---|---|
| ruleId | The ID of a previously created rule | Text |
| scope | Defines the scope to which a rule would apply to. Allowed Values: Allowed Values: CARD, PROFILE, PARTNER | Text |
| scopeId | The id of the scope defined above. It should be cardToken for CARD scope, prrofileId for PROFILE scope or clientId for PARTNER scope | Text |
curl -X POST 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/spend-controls/rule/unapply' \-H 'Authorization: Bearer {{API token}}' \-H 'Content-Type: application/json' \-d '{"ruleId": 11000000000,"scope: "CARD","scopeId": "3000000000"}'
List applied authorization rules
Returns the list of all the active authorisation rules and the scopes they have been applied to.
curl -X GET 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/spend-controls/rule/applied' \-H 'Authorization: Bearer {{API token}}'
[{"ruleId": 1,"scope": "PROFILE","scopeId": "12345678"}]