Hello,
I'm having trouble understanding the documentation provided for authorization control, specifically on blocking specific merchants. Here's one detail regarding this: "Your program’s default authorization behavior can block all merchants by default, requiring you to whitelist allowable merchants, or allow all merchants by default, requiring you to blacklist blocked merchants. Make sure you know your program’s default behavior before designing your controls." My question is how do I know my program's default behavior? I'm not sure if it currently is allowing all merchants so that if I create a new auth control with merchant scope it will restrict those entries. Let me know if there's an api or guide to check the program's default behavior. Also, please clarify if whitelisting/blacklisting is done through the merchant scope field or elsewhere.
