Register a publicly reachable HTTPS endpoint using POST /v1/responder_endpoints with the type set to AUTH_STREAM_ACCESS and the url of your handler
Receive inbound POST requests from Lithic during each card authorization; parse the JSON body for amounts, merchant, card, and authentication fields
Evaluate decisioning logic and return HTTP 200 with a JSON body containing the result field set to one of the valid enum values
Use APPROVED to approve, CHALLENGE to trigger cardholder authentication; any other value declines — use the most specific decline reason (e.g. UNAUTHORIZED_MERCHANT, INSUFFICIENT_FUNDS, VELOCITY_EXCEEDED, SUSPECTED_FRAUD, AVS_INVALID, CARD_PAUSED)
Respond within 3 seconds — Lithic times out and declines the transaction after 6 seconds with no response
Optionally return avs_result (MATCH, MATCH_ZIP_ONLY, MATCH_ADDRESS_ONLY, FAIL) and approved_amount for partial approvals alongside result
Known gotchas
The only two result values that do NOT decline the transaction are APPROVED and CHALLENGE — every other result value (UNAUTHORIZED_MERCHANT, INSUFFICIENT_FUNDS, VELOCITY_EXCEEDED, SUSPECTED_FRAUD, AVS_INVALID, DRIVER_NUMBER_INVALID, VEHICLE_NUMBER_INVALID, CARD_PAUSED) results in a decline; there is no bare DECLINED enum value
CHALLENGE is only valid for cardholder-initiated transactions; returning CHALLENGE on a non-cardholder-initiated transaction will cause unexpected behavior
Lithic will retry once immediately on 5xx or network failure — your endpoint may receive the same authorization request twice; implement idempotency using the transaction token in the request body
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp