Updates risk levels for Issuing Authorizations to use standard valuesBreaking changes

What’s new

To be consistent with other Stripe APIs, we renamed the risk levels for Issuing Authorizations to the following standard values:

unknown
not_assessed
low
normal
elevated
highest

Why is this a breaking change?

This change renames existing enum values for risk levels and introduces new values to match other Stripe APIs. Referencing the previous enum values in your integration or failing to handle the new values might affect risk evaluation accuracy.

Impact

You must support these new enum values, and remove use of the previous values.

The risk_assessment.merchant_dispute_risk.risk_level field adds low as a new value and replaces high with highest.
The risk_assessment.card_testing_risk.risk_level field adds low as a new value. Existing authorizations with this field set to high will now show as elevated risk level.

Changes

Parameter	Ändern	Ressourcen oder Endpoints
fraud_disputability_likelihoodrisk_assessment	Hinzugefügt	Issuing.Authorization.testHelpers#create

Upgrade

View your current API version in Workbench.
If you use an SDK, upgrade to the corresponding SDK version for this API version.
- If you don’t use an SDK, update your API requests to include Stripe-Version: 2025-09-30.clover
Upgrade the API version used for webhook endpoints.
Test your integration against the new version.
If you use Connect, test your Connect integration.
In Workbench, perform the upgrade. You can roll back the version for 72 hours.

Learn more about Stripe API upgrades.