Configure remote authorization

• Contact your Airwallex Account Manager to enable Issuing APIs, Cards, Remote Authorization for your Airwallex account.
• If you have a Scale platform account, enabling remote authorization on the platform account also enables remote authorization for connected accounts.
• Obtain your access token API by authenticating to Airwallex using your unique Client ID and API key. You will need the access token to make API calls.

Use Get issuing config API to check if you have remote authorization set up. If it’s not configured, the response will not contain the remote_auth_settings object.

When an existing configuration for remote authorization does not exist, use Update issuing config API endpoint to initialize and enable remote authorization.

To initialize, you will only need to provide an HTTPS URL of your remote authorization endpoint and submit the request. This will generate the shared secret when no existing remote authorization configuration exists. The shared_secret will be used to add digital signatures to transaction requests - this field can only be retrieved from Update issuing config API. It returns null in the Get issuing config API response.

Use the following parameters to enable remote authorization:

• enabled: Set this to true to enable remote authorization. If you do not specify a value, false is set as default.
• default_action: Specify the default action, AUTHORIZED or DECLINED, in the event of remote authorization failure, for example, network failures, request time-outs. If you do not specify a value, AUTHORIZED is set as default.
• new_shared_secret: Set this to true to generate a new shared secret. Note that this will discard the old shared secret and you will need to update your system with the new secret to verify the remote auth request. We highly recommend that you do this after disabling the remote auth config.