Delegated payments

Delegations define exactly what an agent is permitted to do. Instead of giving an agent a single credential with unrestricted spending power, you create a delegation that specifies merchant constraints, amount ceilings, currency limits, and a validity window. Every permission request is evaluated against the active delegation; if the request falls outside the delegation scope, AffixIO returns DENY or ALLOW_WITH_LIMITS with a lower cap.

What you can constrain

• Merchant allowlist – Restrict the agent to specific merchant IDs or merchant categories. Transactions to non-allowlisted merchants are denied.
• Amount limits – Per-transaction maximum, daily aggregate, or period aggregate. The decision response can include max_amount so your PSP enforces the same ceiling.
• Currency – Only allow certain currencies. Requests in other currencies are denied.
• Validity window – Start and end time for the delegation. Outside the window, the delegation is treated as inactive.
• Channel – Optional channel restrictions (e.g. online only, or terminal only) so the same agent cannot exceed scope by switching channel.

API

Create a delegation with POST /v1/delegations. Verify with POST /v1/delegations/:delegationId/verify and revoke with POST /v1/delegations/:delegationId/revoke. When you call POST /v1/nior/agent/permission, you pass the delegation_id; AffixIO checks that the delegation is active, not revoked, and that the payment intent fits within the delegation constraints before returning an allow decision.

Related

Agent Permissions · Offline permissions · Developer docs · Contact