Log inGet started
Airwallex logo
Core API
Transactional FX
Back to home
OverviewHow Airwallex Issuing worksSupported regions and currenciesSupported card programs
Use Cases
Card controls
Authorization controls
Remote authorization
Remote authorization scenariosConfigure remote authorization
Respond to authorization requestsRetrieve authorizationsTest remote authorizationHandle exceptions
3D Secure authentication

Configure remote authorization

To be able to respond to remote authorization requests, you must enable remote authorization and configure your default settings. Airwallex falls back to the default settings if your system fails to respond with a decision within 2 seconds due to network failures or request timeouts.

Before you begin

Step 1: Retrieve your remote authorization settings

Use Get issuing config API to check if you have remote authorization set up. If it’s not configured, the response will not contain the remote_auth_settings object.

Example request
Example response

Step 2: Initialize and enable remote authorization

When an existing configuration for remote authorization does not exist, use Update issuing config API endpoint to initialize and enable remote authorization.

To initialize, you will only need to provide an HTTPS URL of your remote authorization endpoint and submit the request. This will generate the shared secret when no existing remote authorization configuration exists. The shared_secret will be used to add digital signatures to transaction requests - this field can only be retrieved from Update issuing config API. It returns null in the Get issuing config API response.

Use the following parameters to enable remote authorization:

  • enabled: Set this to true to enable remote authorization. If you do not specify a value, false is set as default.
  • default_action: Specify the default action, AUTHORIZED or DECLINED, in the event of remote authorization failure, for example, network failures, request time-outs. If you do not specify a value, AUTHORIZED is set as default.
  • new_shared_secret: Set this to true to generate a new shared secret. Note that this will discard the old shared secret and you will need to update your system with the new secret to verify the remote auth request. We highly recommend that you do this after disabling the remote auth config.
Example request
Example response
On this page