Webhooks are HTTP callbacks that notify you of all events you subscribed for on an entity.
Events can be payments, state changes to payments or transactions connected to a payment (e.g. a chargeback).
For PCI compliance, SSL connections using untrusted certificates are not allowed. Please ensure you have a valid SSL certificate chain. Self-signed certificates are not valid.
This article gives you an overview and is supported by our main integration documentation for card payments webhooks, available below:
For more information refer to Card Payment Webhooks Developer Documentation
Once you are ready, please send the following details to [email protected] to get your webhooks registered and receive a decryption key :
- Technical email address
- Webhooks URL (must be HTTPS in LIVE)
- Payment types to receive notifications for (eg. Debits, refunds etc)
- Indicate your preference for JSON wrapped notifications or plain text
Some additional notes on webhook integration:
1. Upon receiving the notification to your webhook url the system will expect an HTTP 200 response.
2. Only webhooks sitting on port 80 and port 443 are guaranteed to work
3. In order to register the webhook, we send a test notification to see if the webhook is configured correctly on your side. If either one of the first two points above is not satisfied, registration will fail.
4. The test notification is a 206 character HTTP Post (Content-Length=206)
5. We require that you test the webhook in the TEST system before configuring it for LIVE.
An example notification looks like this:
HEADERS
X-Authentication-Tag: 9CDE76F1E157428D3CFF8CBCB5E5BFED
Accept-Encoding: gzip
Cf-Connecting-Ip: 213.131.241.51
X-Dynatrace: FW1;-1;-2107993456;7056;15;-2107993456;7056;3
X-Initialization-Vector: F0B3A54CC4043F28BE7CA326
Content-Type: application/json; charset=UTF-8
X-Request-Id: 67c70736-b4b6-4369-84a2-ecaf00e7f0ec
Content-Encoding: UTF-8
Cf-Ray: 3a86a01909170f75-FRA
Via: 1.1 vegur
Connect-Time: 0
Cf-Ipcountry: DE
User-Agent: Apache-HttpClient
Content-Length: 206
Total-Route-Time: 0
Cf-Visitor: {"scheme":"https"}
Connection: close
Host: requestb.in
RAW BODY
{"encryptedBody":"12C148F1C9C1AEA110A5E9DAC8EABDF994BA6314387C2B3ABB29CF37A64C7D7F6E579A8E7EA7498BA3DF07CA1DFF5F07BE7BFD0DB4C8E7D20AA8860D2E990E1EB0C7BB804A09FE6A6658E9ED7B959575B61C52F7AB65C1B68D4D11F166"}