> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sudo.africa/llms.txt
> Use this file to discover all available pages before exploring further.

# Authorizations

When a card is used either at an ATM, POS or Online, an authorization request is made which is approved or declined based on the following steps.

1. User attempts to make a transaction at an ATM, POS or Online.
2. An Authorization object is created on Sudo.
3. Sudo checks to ensure the current available balance is sufficient for the transaction.
4. Sudo proceeds to check the card and cardholder status. We expect both to be active.
5. Sudo checks if spending controls should automatically decline the authorization.
6. Sudo then sends an `authorization.request` event which you are expected to either approve or decline.
7. If we do not receive a response from you within **4** seconds, the `Authorization` is automatically approved or declined based on your timeout settings as configured in the card funding source.

## Approved Authorizations

Once an authorization request is made, the status on the authorization is set to `pending`, and the `authorization.request` webhook event is sent. On approval, the `amount` is deducted from your default available balance. A transaction is then created and the `status` of the authorization is set to `closed`.