Webhooks enable you to be notified of an event such as a payment status change in real-time.
They are configured in the Console in your application and take 4 parameters:
|The URL where you will listen to Fintecture webhooks and process the resulting message|
|The delay in minutes when you post the webhook to be called after an event happened|
|The list of events to which you want the webhook to be called|
A webhook is an `application/x-www-form-urlencoded` or `application/json` POST request which is signed using your application privately-kept public key (private asymmetric keys).
Verify the signature using your private key, and only then process the order based on the result of the payment.
POST /webhook HTTP/1.1 Host: mywebsite.com Signature: keyId="2dfdcf57-5b2f-4309-846f-913d0b2802cf",algorithm="rsa-sha256",headers="date digest x-request-id",signature="h0V0SUbjRhLEP/MiYo0Mgs1N17EuCEmKyQrDjxysc7iSiFXTjvY6qVEoaiRkzB8ZI0J39gGwOtTXN9CJPVRbhEHhi9Z9rQvM33FkygXvvx8BwM76fSTQ2/BSZWx04CjbPv/XUVusnkKVr3W6p+Vn073hAuJn1nKCvDOyl+QnDtstkzT+UacVzDA9L9nyPbbaPQHJobaZuG8TjhnI+Y0PZxneke6OU6fcdPT0uwkEamDOOExcMryHIX1iH5iiPMvLoVA8acqvvMSDYar0rlEQ2J1M4dcowWT8FxLo6C8uqvJIaBYm7Ze0RNJOwY0UBImCVDIuQLJuBjPwjQT5GjTQlg== Digest: SHA-256=wOtTXN9CJPVRbhEHhi9Z9rQvM33FkygXvvx8BwM76fS Date: Mon, 08 Jun 2020 23:11:23 GMT X-Request-ID: 88c414df-6895-48db-8ef3-1fd1ce4272c6 Content-Type: application/x-www-form-urlencoded session_id=b2bca2bcd3b64a32a7da0766df59a7d2&status=payment_created&customer_id=1ef74051a77673de120820fb370dc382&provider=bnpafr&state=mystate&event=payment_session.status.payment_created
Webhook will retry 10x with an exponential time increment if your sever doesn't respond with a HTTP code in the 2XX range.
Webhooks have a timeout time of 20 seconds. If your server doesn't answer in less than 20 seconds we timeout and retry later.
Payment Sessions of type IncomingTransfer will not necessarily contain a reference which maps to an order thus consider whether you should filter out these payment sessions during your integration by returning a dedicated HTTP response status code such as 202.
The following attributes are included in the
application/x-www-form-urlencoded webhooks. These attributes are only sent if they are populated with a value.
|all||The unique identifier of the payment session|
|all||The unique customer ID which did the payment|
|all||The financial provider which was used to process the payment|
|all||The state which was sent on the redirection request|
|all||The event which was just triggered|
|The status of the payment session|
|The status of the refund from the original payment|
|The session ID of the original payment session which is being refunded|
|The payment session transfer state|
|Details about the payment session |
The payment session type
|The payment session amount|
|The total amount received on this payment session|
|The amount of the latest transaction related to the payment session|
The order of attributes will not change. More attributes can be appended at the end.
Updated 8 days ago