One-time KYC
Before you can create your first card, the card issuer requires basic identity information. The firstcreate_card call returns user_info_required — collect:
- First name and last name
- Date of birth
- Phone number
- Acceptance of the Stripe Issuing cardholder terms
- CLI
- MCP
The
agent-cards cards create flow prompts you for these the first time.Approval requests
Some high-trust actions — such as revealing full card details (get_card_details) or certain spend — can trigger an approval request (HTTP 202). When that happens:
- An email is sent to the account owner.
- The owner approves from the email.
- Your agent calls
approve_requestwith the approval ID (or you approve from the link), then the original action proceeds.
agent-cards settings authorization.
Other gating responses
| Response | Meaning | What to do |
|---|---|---|
user_info_required | First-time KYC not yet submitted | Submit identity info, then retry. |
approval_required (202) | Action needs owner approval | Approve from email, then approve_request. |
payment_method_required | No saved payment method | Run setup_payment_method first. |
beta_capacity_reached (403) | You’ve been waitlisted | Wait — nothing else to do. |
Security defaults
- Card numbers and CVVs are never shown unless you explicitly request them.
- Closing a card is always confirmed (it’s irreversible).
- Switching to prod mode is always confirmed (prod cards draw on your real payment method).