Fully Customize Authorizations

Estimated time: ~10 minutes

Lithic's Auth Stream Access (ASA) feature is for customers that need full customization of their authorization logic. With ASA, Lithic forwards transactions to your servers in real time so that you can approve or decline each transaction.

Authorization Rules + Auth Stream Access

You can use Authorization Rules and Auth Stream Access together. When Lithic receives a transaction from the card networks, we automatically decline any that fail your Authorization Rules. Lithic forwards the remaining transactions to your servers as Auth Stream Access messages for you to approve or decline.

Enroll in Auth Stream Access

To start using Auth Stream Access, you need to expose an endpoint on your servers for receiving Auth Stream Access messages. For each transaction, Lithic will send an Auth Stream Access message to this endpoint as a POST request.

Once you have exposed the endpoint, you must register the endpoint's URL with Lithic using the responder endpoint API.

Once you enroll your URL, you can test that you are receiving ASA messages by simulating a transaction in sandbox.

Respond to Auth Stream Access messages

Each Auth Stream Access message will contain information about the transaction, including the transaction amount, merchant, and card. Based on this information, you can decide to approve or decline the transaction.

Each incoming request must be responded to with an Auth Stream Access response object. This object needs to include:

  • Result (string): "APPROVED" to accept the transaction. Any other value will decline the transaction.
  • Token (string): The Auth Stream Access token in the received POST request.

For more information about Auth Stream Access, check out our in-depth guide: Auth Stream Access

Below is an example of exposing an endpoint on an Express server to receive Auth Stream Access messages:

/* Example Endpoint */

// Your Server
const express = require('express')
const app = express()
app.use(express.json()) // for parsing application/json

// Auth Stream Access endpoint
app.post('/my_auth_stream_access_endpoint', (req, res) => {
    const { body: {token, amount, merchant}} = req;

    // Custom Approve/Decline Logic ...
    // ... ex. decline if amount is > $500 ...
    // ... ex. approve if merchant code is 'groceries'
    // ... ex. decline if card was created within the last day ...

    const result = 'APPROVED'; // or 'DECLINED', 'UNAUTHORIZED_MERCHANT', etc.
    return res.json({ result, token })
});

If AWS is your cloud provider, Lithic provides a ready-to-deploy Lambda function that you can use to quickly spin up an AWS Serverless Application Model (SAM) application to receive and handle Auth Stream Access messages:

NodeJS example: https://github.com/lithic-com/asa-demo-node
Python example: https://github.com/lithic-com/asa-demo-python

Response timeouts

Every transaction request received from the card networks requires an approve or decline response within 7 seconds.

The 7-second countdown begins as soon as the card networks send the request to Lithic and includes the roundtrip time from the card network to Lithic to your servers and back.

To ensure that Lithic can respond to the card networks within the allotted time, Lithic enforces a timeout of 5 seconds detailed here.
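
Because any result other than "APPROVED" declines the transaction and the response must arrive inside the timeout, the decision step can be written to fail closed. The following is an added example, not Lithic's code or part of the original page: `decide`, `buildResponse`, `LIMIT_MINOR_UNITS` and `BUDGET_MS` are hypothetical names, and it assumes `amount` is an integer in minor units (cents) and that a 3-second internal budget leaves enough headroom.

```javascript
// Added example; names below are hypothetical, not part of Lithic's API.
// Assumption: `amount` is an integer in minor units (cents).
const LIMIT_MINOR_UNITS = 500 * 100; // the page's "$500" example
const BUDGET_MS = 3000; // assumption: headroom under the 5-second timeout

// Synchronous policy: approve only well-formed amounts at or under the limit.
function decide(message) {
  const amount = message ? message.amount : undefined;
  if (!Number.isInteger(amount) || amount < 0) return 'DECLINED';
  return amount > LIMIT_MINOR_UNITS ? 'DECLINED' : 'APPROVED';
}

// Build the response object ({ result, token }) for one ASA message.
// `policy` may be sync or async (for example, a database lookup). A throw,
// a non-string result, or exceeding `budgetMs` all end as DECLINED.
async function buildResponse(message, policy = decide, budgetMs = BUDGET_MS) {
  const token = message ? message.token : undefined;
  let timer;
  const deadline = new Promise((resolve) => {
    timer = setTimeout(() => resolve('DECLINED'), budgetMs);
  });
  try {
    const result = await Promise.race([
      Promise.resolve().then(() => policy(message)),
      deadline,
    ]);
    return { result: typeof result === 'string' ? result : 'DECLINED', token };
  } catch (err) {
    return { result: 'DECLINED', token };
  } finally {
    clearTimeout(timer);
  }
}

// Wiring into the page's Express handler:
// app.post('/my_auth_stream_access_endpoint', async (req, res) =>
//   res.json(await buildResponse(req.body)));
```

Measure the budget against your own latency to Lithic; the value here is only a placeholder for that measurement.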