Webhooks
Paysafe’s instant, real-time notifications are Webhooks that inform you of all the status updates. Webhooks are a notification mechanism that lets the subscribers know that an event has occurred in real-time. A Webhook is an HTTP callback which is triggered when an event takes place. You can specify the destination URL in the form of an HTTP request when creating a Webhook. Notifications are delivered to this URL on your server based on event occurrences. Event could be anything - chargeback posted, CC transaction authorized, etc. DirectDebit Webhook aimed at providing real-time data points to our ISV partners. This will help ingest data into their systems directly and introduce logic in their systems to act upon when a certain event occurs.
- To receive notifications from Paysafe for status updates, create user-defined HTTP callbacks for those events.
- These callbacks push notifications to your destination whenever an event occurs.
- You are responsible for ensuring its continued availability.
This document covers all the webhook events that are sent as part of directdebit/directcredit payment processing.
Benefits
- Notification (including data points) delivered via webhook.
- Partners only subscribe to event once and notification is delivered as soon as new event becomes available
- Ingests into partner’s systems automatically; near real-time
- Enable Partners to create logic in their systems when certain events occur
- Preferred option for tech-advanced ISVs to get real-time data
Webhooks will NOT replace Reporting. Webhooks provide "just enough information" in the payload along with the notification in real-time. This allows the subscribers (ISV partners/direct merchants) to be aware of events as soon as it occurs and create some logic on their end, if needed. Webhooks will be complemented with Reports to gain access to the entire set of data and metadata.
Why use Webhooks?
You can use Webhooks whenever you want to know and act upon event occurrences such. You can configure your Webhook subscription for events such as `payment failed, Payment cancelled, and so on, and notify yourself for these events. For a detailed list of supported Webhook events, refer to the section “List of supported webhook events and topics”.
Webhook Request Details
When you configure your Webhooks subscription, events are created and sent asynchronously as they occur. Paysafe notification messages are POST requests that carry a JSON-encoded payload along with the HTTP headers. You need to use both – the header and the JSON string – to consume a webhook. These payloads have minimum details about the triggered event. Paysafe returns links to the corresponding API resource. You can use this to find detailed information on a resource that has changed the state. To configure Webhooks, open a service request in the Business Portal.
Webhook Headers
HTTP headers are useful when consuming a Webhook request. Among many HTTP headers, Paysafe also includes a Webhook signature header that you can use to verify the Webhook.
Webhook Signature
The webhook notification contains a signature header calculated using the following algorithm:
digest = HMAC_SHA256 (hmacKey, UTF 8 string containing the JSON webhook request body)
signature = base 64 (digest)
The code receiving the webhook needs to repeat this algorithm and compare the value generated with the value received in the header.
Example Header:
Signature: UMaQ4h635wUc4hp60Z5ASBC/5UtqKybAldOkLv6ngc0=
Webhook Payload
A Webhook payload contains information about the event that occurred. It has _links to the corresponding resource that triggered the event. The payload also includes attributes such as timestamp, the topic of the event and the id of the resource.