Enable ASA for your Lithic program in the dashboard or via the API and register your HTTPS webhook endpoint that will receive authorization requests.
When a card transaction is initiated, Lithic sends a real-time authorization webhook to your endpoint containing the transaction details (merchant, amount, card token, etc.).
Your endpoint must evaluate the transaction against your business logic (balance checks, fraud rules, spend controls) and respond synchronously within the required timeout window.
Return a JSON response body indicating your decision: approve the transaction or decline it, using the response structure specified in the Lithic ASA documentation.
If your endpoint does not respond within the timeout window, Lithic applies a configurable default decision (approve or decline) set during ASA enrollment.
Log all ASA decisions with the transaction token for reconciliation; use Lithic's transaction event webhooks for post-authorization updates.
Known gotchas
The synchronous timeout window for ASA responses is short — consult current Lithic documentation for the exact value; any external API calls or slow database queries in your decision path risk exceeding it and triggering the default fallback.
Your ASA endpoint must be highly available; downtime causes all authorization requests to fall through to the default decision, which may not match your intended policy.
The approve/decline response must match the exact field names and values specified by Lithic; an unrecognized or malformed response body is treated as a timeout and triggers the default decision.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp