Set card restrictions
This method sets card restrictions based on the preferences of the bank, account owner or cardholder. Modification of card restrictions is permissible only for cards that are in an "ACTIVE" state and are associated with "ACTIVE" accounts. The adjustment of card restrictions is determined by user roles originally assigned to the card restriction:
- If the record is requested by "BANK," only "BANK" has permission to modify it.
- If the record is requested by "ACCOUNT OWNER," both "BANK" and "ACCOUNT OWNER" have the permission to make modifications.
- If the record is requested by "HOLDER," all user roles have permission to make modifications.
To set a restriction for a card, the ID of the restriction must be provided along with all the necessary values. All restrictions included in CPD, which allows modifications must be included in a request for a new card. Restrictions can be established using the logic of a blacklist, whitelist, or a specific flag from transaction data to either restrict or allow specific transaction configurations. List of restrictions can be found here.
URL test:
URL live:
Method:
PUT
Path items:
/cards (Card Service)
/{id} (ID code of restriction)
/restrictions (Method name)
Parameters:
| Parameter | Location | Type | Example | Description | Required |
|---|---|---|---|---|---|
| ID | Path | "string" | "108564234" | Internal ID of Card | Yes |
| restrictions | Path | "object" | - | Restriction details | Yes |
| restrictionId | restrictions | "string" | "DENYCASH" | Restriction ID specified in CPD | Yes |
| restrictionValue | restrictions | "string" | "ENABLED/DISABLED" | ENABLED/DISABLED value for turning ON or OFF the restriction | Yes |
| requestedBy | Body | "string" | "BANK" | Level of user role | Yes |
Example:
curl -X 'PUT' \
'https://dev.lightcms.io/cms/v1/cards/17/restrictions' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"restrictions": [
{
"restrictionId": "TPRF_17_01_2",
"restrictionValue": "ENABLED"
}
],
"requestedBy": "BANK"
}'
Responses:
200 - OK
Status Code: 200 OK
400 - Bad Request
Status Code: 400 Bad Request
{
"timestamp": "2024-04-10T13:16:40.143+00:00",
"status": 400,
"error": "Bad Request",
"path": "/cms/v1/cards/565456/restrictions"
}
| Parameter | Location | Type | Example | Description |
|---|---|---|---|---|
| timestamp | body | date | "2024-04-10T13:16:40.143+00:00" | Timestamp of request |
| status | body | integer | 400 | Status error code |
| error | body | string | "Bad Request" | Error description |
| path | body | string | "/cms/v1/cards/565456/restrictions" | Request path |
404 - Not found
Status Code: 404 Not found
| Parameter | Location | Type | Example | Description |
|---|---|---|---|---|
| errorMessage | body | string | "Entity with id 132132123 not found in DB." | Error message |
400 - Incorrect parameters
Status Code: 400 Bad Request
{
"errorMessage": "restriction TPRF_17_01_111 is not defined in CPD (the following restrictions are defined: [TRANSACTIONS_PERMISSIONS_A, TRANSACTIONS_PERMISSIONS_B, TPRF_17_01_3, TERMINAL_EU_COUNTRIES, TPRF_17_01_2, TPRF_17_01_7, TPRF_17_01_6, TPRF_17_01_5, TPRF_17_01_4, TPRF_17_01_9, TPRF_17_01_8])"
}
| Parameter | Location | Type | Example | Description |
|---|---|---|---|---|
| incorrect parameter | body | string | "restriction TPRF_17_01_111 is not defined in CPD | Requested parameters detail |