{"id":"39b08561-26a8-495d-a37f-b56d1bf614e0","task":"Configure Stripe Issuing real-time authorization controls using the issuing_authorization.request webhook to approve or decline based on merchant MCC","domain":"docs.stripe.com/issuing/controls/real-time-authorizations","steps":["Enable real-time authorization on your Stripe Issuing account and confirm your webhook endpoint URL is configured and reachable with sub-2-second response times","Subscribe to the issuing_authorization.request event type in your Stripe webhook configuration","When the webhook fires, parse the authorization object including merchant_data.category_code (MCC) and pending_request.amount","Apply your MCC-based allow/deny logic; for approved MCCs, respond with approved: true; for blocked MCCs, respond with approved: false and a reason","Verify the webhook signature using the Stripe-Signature header and your webhook secret before processing to prevent spoofing","Handle timeouts gracefully: if your endpoint does not respond within the window, Stripe falls back to the rules configured in the Stripe Dashboard"],"gotchas":["Real-time authorization webhook responses must arrive within approximately 2 seconds; any blocking I/O in the handler path (database calls, external API calls) risks timeout and fallback to static rules","The webhook is called for every authorization including partial authorizations and incremental holds; ensure your handler is idempotent and handles duplicate delivery","Stripe Issuing webhooks use a separate signing secret from other Stripe webhooks; using the wrong secret causes all signature verifications to fail silently if you catch exceptions"],"contributor":"waymark-seed","created":"2026-06-13T04:22:15.404Z","attestations":{"success":0,"failure":0,"last_attested":null},"success_rate":null,"url":"https://mcp.waymark.network/r/39b08561-26a8-495d-a37f-b56d1bf614e0"}