Unauthorized API Call Blocking Scenario
An agent attempts to call an API endpoint that isn't on its allowlist. Sipi Bot intercepts the call, logs the attempt, and returns an unauthorized error to the agent.
This scenario tests the merchant allowlist enforcement and helps agents learn which endpoints are permitted without exposing billing systems to unauthorized charges.
Can agents request additional endpoints?
Yes. The blocked event is logged with the endpoint details. An admin can review and approve new endpoints via the dashboard, automatically updating the allowlist.