Restrictions

Customer restrictions let you block a specific customer from making payments. You can block new payment attempts made by the customer (CIT — customer-initiated transactions), block recurring subscription charges (MIT — merchant-initiated transactions), or both.

Restrictions are separate from the Blacklist. Restrictions target a customer by their ID and can be turned on or off independently per transaction type. The Blacklist targets customers by email address and is described in the Blacklist section below.

Prerequisites

  • A secret API key with write access to customers.
  • The customer ID you want to restrict (cus_…).

Apply a Restriction

Send a POST /customers/{id}/restrictions request with the restriction flags you want to enable:

{
  "customer": "cus_2R0uWz4tu9wxTMBXxj9CJfSE9vV",
  "restrictCit": true,
  "restrictMit": true,
  "restrictReason": "Account suspended pending fraud review"
}

Set restrictCit to block customer-initiated payments, restrictMit to block merchant-initiated payments, or both. The optional restrictReason stores a free-text explanation on the record. Setting only one flag allows the other transaction type to proceed normally.

See the POST /customers/{id}/restrictions reference for the full parameter list.

Example

To block a customer from making new checkout payments without stopping their active subscriptions, set only restrictCit:

{
  "customer": "cus_2R0uWz4tu9wxTMBXxj9CJfSE9vV",
  "restrictCit": true,
  "restrictMit": false
}

Apply a Restriction via the Dashboard

  1. Open the Customers section and select the customer.
  2. The customer detail page shows a red Restricted chip next to the customer name when a restriction is already active.
  3. Click the Actions button (top right of the customer card) and select Restrict customer.
  4. In the dialog, fill in the Restrict reason field (optional).
  5. Toggle Restrict customer initiated to block CIT payments, and/or Restrict merchant initiated to block MIT payments.
  6. Click Restrict to save.

Remove a Restriction

To lift all restrictions, send a request to the same endpoint with both flags set to false:

{
  "customer": "cus_2R0uWz4tu9wxTMBXxj9CJfSE9vV",
  "restrictCit": false,
  "restrictMit": false
}

To remove only one type of restriction, set its flag to false while leaving the other unchanged.

Via the Dashboard, follow the same steps as applying a restriction, but toggle the relevant switches off before clicking Restrict.

The isRestricted Field

The customer object includes an isRestricted boolean field. It is true when at least one of restrictCit or restrictMit is true. It is false only when both flags are false.

You can use isRestricted as a single check when you do not need to know which type of restriction is active.

Warning: The restrictCit, restrictMit, restrictReason, and isRestricted fields are only visible when authenticated with a secret key or accessed through the Dashboard. They are not exposed to public or publishable key requests.

Automatic Restrictions from Chargebacks

When processing a chargeback, you can set the blacklistCustomer flag to automatically apply restrictions to the customer. See Handling Chargebacks for details.

The Blacklist

The Blacklist is a separate mechanism that blocks customers by email address rather than by customer ID. When a customer whose email is on the Blacklist attempts a new payment, the payment is rejected regardless of whether their customer record has restrictCit set.

View the Blacklist

Navigate to the Blacklist page in the Dashboard to see all blacklisted email addresses, their reason (if provided), and the date they were added.

Add an Entry to the Blacklist

You can add an email address to the Blacklist through the Dashboard or the API.

Dashboard: Click the Add button on the Blacklist page, enter the customer's email address, add an optional reason, and click Submit.

API: Send a POST /blacklist request:

{
  "email": "user@example.com",
  "reason": "Fraudulent activity detected"
}

Remove an Entry from the Blacklist

Dashboard: On the Blacklist page, click the delete action next to the entry you want to remove and confirm.

API: Send a DELETE /blacklist/{id} request using the blacklist entry ID (bl_…).

Note: Removing an entry from the Blacklist does not automatically remove restrictCit or restrictMit flags from the customer record. Use POST /customers/{id}/restrictions to clear those independently if needed.

CIT vs MIT: Key Distinction

| Flag | Blocks |
|---|---|
| restrictCit | New payment attempts initiated by the customer (e.g. checkout sessions, one-time purchases) |
| restrictMit | Recurring charges triggered by the merchant (e.g. scheduled subscription renewals) |

The two flags operate independently. A customer with only restrictMit set can still make new purchases; a customer with only restrictCit set will still be charged for their active subscriptions.
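
Because restrictions (by customer ID) and the Blacklist (by email) are tracked separately, a review of blocked customers should look at both. The following is an added example, not code from this documentation or its provider: it applies the rules above to constructed records and reports states that are easy to misread. The `email` field on the customer record, case-insensitive email matching, and the `cus_A`-style IDs are assumptions made for the illustration.

```python
# Added example, not the provider's code. Records below are constructed.
# Assumptions: customer records carry an "email" field, and blacklist matching
# ignores case; the page states neither.

def is_restricted(c):
    # Page rule: true when at least one of restrictCit / restrictMit is true.
    return bool(c.get("restrictCit") or c.get("restrictMit"))

def effective_blocks(c, blacklist):
    """Reasons each transaction type is blocked for one customer."""
    listed = c.get("email", "").lower() in blacklist
    cit = [r for r, on in (("restrictCit", c.get("restrictCit")),
                           ("blacklist", listed)) if on]
    # The page only says the Blacklist rejects new payment attempts, so it is
    # not counted as a reason for blocking merchant-initiated charges here.
    mit = ["restrictMit"] if c.get("restrictMit") else []
    return {"cit": cit, "mit": mit}

def audit(customers, blacklist_emails):
    """Flag states that are easy to misread when reviewing blocked customers."""
    blacklist = {e.lower() for e in blacklist_emails}
    findings = []
    for c in customers:
        b = effective_blocks(c, blacklist)
        # isRestricted reflects only the two flags, never the Blacklist.
        if b["cit"] == ["blacklist"] and not is_restricted(c):
            findings.append((c["id"], "blacklisted but isRestricted is false"))
        # Flags persist after a Blacklist entry is removed; confirm intent.
        if is_restricted(c) and "blacklist" not in b["cit"]:
            findings.append((c["id"], "restricted without blacklist entry"))
        # Only restrictCit set: active subscriptions are still charged.
        if c.get("restrictCit") and not c.get("restrictMit"):
            findings.append((c["id"], "subscriptions still charge"))
    return findings

CUSTOMERS = [  # constructed sample data
    {"id": "cus_A", "email": "a@example.com", "restrictCit": False, "restrictMit": False},
    {"id": "cus_B", "email": "b@example.com", "restrictCit": True, "restrictMit": True},
    {"id": "cus_C", "email": "C@example.com", "restrictCit": True, "restrictMit": False},
    {"id": "cus_D", "email": "d@example.com", "restrictCit": False, "restrictMit": False},
]
BLACKLIST = ["a@example.com", "c@example.com"]

if __name__ == "__main__":
    for cid, note in audit(CUSTOMERS, BLACKLIST):
        print(cid, note)
```
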