# Bulk update card permissions

Enable or disable multiple spending permissions on a card in a single request.

This is the recommended endpoint for updating card permissions as it allows updating multiple permissions atomically.

Endpoint: PATCH /v4/spend/profiles/{profileId}/cards/{cardToken}/spending-permissions
Security: UserToken

## Path parameters:

  - `profileId` (integer, required)
    The ID of the profile that owns the card.
    Example: 123456

  - `cardToken` (string, required)
    The unique token identifying the card.
    Example: "ca0c8154-1e14-4464-a1ce-dcea7dc3de52"

## Header parameters:

  - `X-External-Correlation-Id` (string)
    Optional UUID for correlating requests across systems. If provided, Wise echoes it back in the response. Maximum 36 characters. Learn more.
    Example: "f47ac10b-58cc-4372-a567-0e02b2c3d479"

## Request fields (application/json):

  - `permissions` (array, required)
    List of permissions to update.

  - `permissions.type` (string, required)
    The permission type to update.
    Enum: "ECOM", "POS_CHIP", "POS_MAGSTRIPE", "POS_CONTACTLESS", "ATM_WITHDRAWAL", "MOBILE_WALLETS"

  - `permissions.isEnabled` (boolean, required)
    Whether to enable or disable this permission.


## Response 200 fields