Utilities for handling Gateway Just-in-Time (JIT) Funding requests.

When using Gateway JIT Funding, Marqeta sends a synchronous funding request to your gateway endpoint for every authorization. Your gateway must respond with an approval or denial within the configured timeout (typically 1.5–3 seconds).

Request Flow

Cardholder swipes card
      ↓
Network sends authorization to Marqeta
      ↓
Marqeta sends JIT request → YOUR GATEWAY (sync, ~1.5s timeout)
      ↓
Your gateway responds approve/deny
      ↓
Marqeta approves/declines the network authorization
      ↓
Marqeta sends async webhook notification (informative)

JIT Methods

Actionable (require a funding response)

• pgfs.authorization — standard purchase authorization
• pgfs.authorization.account_verification — zero-dollar card validation
• pgfs.auth_plus_capture — single-message (PIN debit / ATM)
• pgfs.balance_inquiry — balance inquiry

Informative (no response needed — just acknowledge)

• pgfs.authorization.capture — funds captured after authorization
• pgfs.authorization.capture.chargeback — chargeback processed
• pgfs.authorization.reversal — authorization reversed
• pgfs.authorization.clearing — settlement complete
• pgfs.adjustment.credit — credit adjustment applied
• pgfs.adjustment.debit — debit adjustment applied

Examples

# In your gateway controller (Plug/Phoenix):
def handle(conn, params) do
  alias Marqeta.GatewayJIT

  response =
    if GatewayJIT.actionable?(params) do
      user_token = GatewayJIT.user_token(params)
      amount     = GatewayJIT.amount(params)
      mcc        = GatewayJIT.mcc(params)

      cond do
        blocked_mcc?(mcc)       -> GatewayJIT.decline(params, reason: "TRANSACTION_NOT_PERMITTED")
        insufficient?(user_token, amount) -> GatewayJIT.decline(params, reason: "INSUFFICIENT_FUNDS")
        true                    -> GatewayJIT.approve(params)
      end
    else
      # Informative — return a minimal acknowledgement
      GatewayJIT.ack(params)
    end

  json(conn, response)
end