Introduction

Webhooks allow the Merchant to track events happening in Paysafe Embedded wallet. The following object changes can be tracked using webhooks:

• Customer restrictions - Events related to customer restriction changes
• Transactions - Events related to Embedded Wallet transaction status changes
• Accounts - This event is used to track IBAN assignments.
• Payment Instruments - Tracks payment instrument status changes.
• Kyc verifications - Tracks when kyc verification is completed.
• Payment Handle - The webhook is sent when there's an update on the Payment Handle. The eventType signifies the change that occurred.

It is the Merchant's responsibility to:

• expose API endpoints for webhook handling
• configure the webhook root URL with Paysafe
• ensure the availability of the endpoints to receive the webhooks

Webhook Signature

The webhook notification contains a signature header calculated using the following algorithm:

• digest = HMAC_SHA256 (hmacKey, UTF 8 string containing the JSON webhook request body)
• signature = base 64 encode (digest)

The code receiving the webhook needs to repeat this algorithm and compare the value generated with the value received in the header.

Example Header:

Signature: UMaQ4h635wUc4hp60Z5ASBC/5UtqKybAldOkLv6ngc0=

For more details on request signing please check the Request Signing documentation.

Notifications Resend API

In cases some issue in the merchant system prevented proper event processing, events can be replayed using Notification Resend API.

Notification Resend API allows the Merchant to request the re-sending of events that have already been sent and delivered successfully to the Merchant.