> ## Documentation Index > Fetch the complete documentation index at: https://docs.lerian.studio/llms.txt > Use this file to discover all available pages before exploring further. # Activate a Limit > Use this endpoint to activate a spending limit. Activates the limit for enforcement in validations. ## OpenAPI ````yaml /en/openapi/v3-current/tracer.yaml post /v1/limits/{id}/activate openapi: 3.1.0 info: title: Tracer API description: >- Complete API reference for Tracer services including transaction validation, rules management, spending limits, and audit events for SOX/GLBA compliance. version: 1.0.0 servers: - url: https://tracer.lerian.io security: - ApiKeyAuth: [] - BearerAuth: [] tags: - name: Health API description: >- Health check endpoints for liveness and readiness probes. These endpoints do not require authentication. - name: Validations API description: >- Transaction validation endpoints. Performance target is under 80ms (p99). Validations are idempotent by `requestId` — a duplicate request returns the cached result with HTTP 200, while a new request returns HTTP 201. No idempotency header is required. - name: Rules API description: >- Validation rule management endpoints. Rules use CEL (Common Expression Language) expressions. - name: Limits API description: >- Spending limit management endpoints. Limits control transaction amounts by scope and period. - name: Audit Events API description: >- Audit trail endpoints for SOX/GLBA compliance. All validation decisions and configuration changes are recorded. paths: /v1/limits/{id}/activate: post: tags: - Limits API summary: Activate a Limit description: >- Use this endpoint to activate a spending limit. Activates the limit for enforcement in validations. operationId: activateLimit parameters: - $ref: '#/components/parameters/LimitId' - $ref: '#/components/parameters/ContentType' - $ref: '#/components/parameters/XApiKey' - $ref: '#/components/parameters/XRequestId' responses: '200': description: Indicates that the limit was successfully activated. content: application/json: schema: $ref: '#/components/schemas/Limit' '400': description: '' content: application/json: schema: $ref: '#/components/schemas/ErrorFormat' examples: Error0007: $ref: '#/components/examples/Error0007' Error0121: $ref: '#/components/examples/Error0121' '401': description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ErrorFormat' examples: ErrorUnauthenticated: $ref: '#/components/examples/ErrorUnauthenticated' '404': description: '' content: application/json: schema: $ref: '#/components/schemas/ErrorFormat' examples: Error0120: $ref: '#/components/examples/Error0120' '500': description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/ErrorFormat' examples: Error0004: $ref: '#/components/examples/Error0004' components: parameters: LimitId: name: id in: path description: >- The unique identifier of the limit that you want to retrieve, update or delete. required: true example: 019c96a0-0c0d-7915-84b9-e497bfee9916 schema: type: string format: uuid ContentType: name: Content-Type in: header description: The type of media of the resource. Must be `application/json`. required: true example: application/json schema: type: string XApiKey: name: X-API-Key in: header description: >- The API Key for authentication. **This header is required for all endpoints except health checks**. required: true schema: type: string XRequestId: name: X-Request-Id in: header description: A unique identifier used to trace and track each request. required: false example: 019c96a0-10ce-75fc-a273-dc799079a99c schema: type: string format: uuid schemas: Limit: type: object description: Spending limit. properties: limitId: type: string format: uuid description: Unique identifier for the limit. name: type: string description: Human-readable limit name. maxLength: 255 description: type: string maxLength: 1000 description: Limit purpose and usage explanation. limitType: type: string enum: - DAILY - WEEKLY - MONTHLY - CUSTOM - PER_TRANSACTION description: Type of limit (immutable after creation). maxAmount: type: string pattern: ^(?:[1-9]\d*(?:\.\d{1,2})?|0\.(?:0[1-9]|[1-9]\d))$ example: '1000.00' description: Maximum decimal amount. currency: type: string minLength: 3 maxLength: 3 description: ISO 4217 currency code (immutable after creation). scopes: type: array items: $ref: '#/components/schemas/Scope' description: Scopes that determine which transactions this limit applies to. status: type: string enum: - DRAFT - ACTIVE - INACTIVE - DELETED description: Limit lifecycle status. activeTimeStart: type: string pattern: ^([01]\d|2[0-3]):[0-5]\d$ example: '09:00' description: >- Start of the daily active time window in HH:mm format. Omitted when the limit is active all day. activeTimeEnd: type: string pattern: ^([01]\d|2[0-3]):[0-5]\d$ example: '17:00' description: >- End of the daily active time window in HH:mm format. Omitted when the limit is active all day. customStartDate: type: string format: date-time description: Start date for CUSTOM limits. customEndDate: type: string format: date-time description: End date for CUSTOM limits. resetAt: type: - string - 'null' format: date-time description: When the limit counter resets. Null for PER_TRANSACTION limits. createdAt: type: string format: date-time description: When the limit was created. updatedAt: type: string format: date-time description: When the limit was last modified. deletedAt: type: - string - 'null' format: date-time description: When the limit was deleted (null if not deleted). ErrorFormat: type: object description: The response message error. required: - code - title - message properties: code: type: string description: A unique, stable identifier for the error. title: type: string description: A brief summary of the issue. message: type: string description: Detailed guidance for resolving the error. fields: type: object additionalProperties: true description: Additional information about the fields that caused the error. Scope: type: object description: Scope definition for rules and limits. At least one field must be set. properties: segmentId: type: string format: uuid description: Apply to transactions from this segment. portfolioId: type: string format: uuid description: Apply to transactions from this portfolio. accountId: type: string format: uuid description: Apply to transactions from this specific account. merchantId: type: string format: uuid description: Apply to transactions to this specific merchant. transactionType: type: string enum: - CARD - WIRE - PIX - CRYPTO description: Apply to this transaction type only. subType: type: string maxLength: 50 description: Apply to this transaction subType only. examples: Error0007: summary: Invalid Path Parameter value: code: TRC-0007 title: Invalid Path Parameter message: >- The provided ID is not a valid UUID format. Please verify the ID and try again. Error0121: summary: Invalid Limit Status Transition value: code: TRC-0121 title: Invalid Status Transition message: >- The requested status transition is not allowed. Please check the current limit status and valid transitions. ErrorUnauthenticated: summary: Unauthorized value: code: Unauthenticated title: Unauthorized message: >- API Key missing or invalid. Provide a valid API Key in the X-API-Key header. Error0120: summary: Limit Not Found value: code: TRC-0120 title: Limit Not Found message: >- The requested limit does not exist. Please verify the limit ID and try again. Error0004: summary: Internal Server Error value: code: TRC-0004 title: Internal Server Error message: >- An unexpected error occurred. Please try again later or contact support if the issue persists. securitySchemes: ApiKeyAuth: type: apiKey in: header name: X-API-Key description: >- API Key authentication. Used by single-tenant deployments (`MULTI_TENANT_ENABLED=false`). Sent on every `/v1/*` request. BearerAuth: type: http scheme: bearer bearerFormat: JWT description: >- JWT bearer authentication. Used by multi-tenant deployments (`MULTI_TENANT_ENABLED=true`). The JWT is issued by Access Manager and must carry the `tenantId` claim — Tracer resolves the tenant from the token, not from any header or body field. ````