Webhooks
When a payment has been processed we can send you a webhook notification confirming the outcome of the payment so you can take action within your own systems, for example, fulfilling orders, notifying your customers or integrating with third-parties.
Setting the webhook URL
The payment-related webhook URL is defined when initiating a payment, by setting the urls.webhook
field:
{
"amount_minor": 1000,
"currency": "EUR",
"reference": "ORD-123456",
"description": "Your Haircutz appointment at Emma Stone Hair Salon",
"payment_method": {...},
"integration": {...},
"routing": {...},
"urls": {
"redirect": "https://haircutz.co/checkout/complete?order_id=ORD-123456",
"webhook": "https://webhooks.haircutz.co/getpaid"
}
}
For more details on the Initiate Payment API call, see Accept Payments.
Webhook Events
For a comprehensive reference on the schema of the payment webhooks, please see our API Reference.
We currently send webhooks for the following events:
Payment Succeeded
The payment_succeeded
event occurs when a payment has been successfully processed and approved by the relevant scheme/issuer. By default it is triggered when a payment transitions to a captured
state. For manual captures (not yet supported), it is triggered when the payment transitions to authorized
.
Example Webhook
{
"id": "evt_4r8t310nhp2mferdc1waa07s5d",
"type": "payment_succeeded",
"occurred_at": "2019-08-24T14:15:22Z",
"data": {
"id": "pay_473cr1y0ghbyc3m1yfbwvn3nxx",
"status": "captured",
"reference": "ORD-123456"
}
}
Payment Failed
The payment_failed
event occurs when a payment is not approved. You can inspect the data.status
field of the webhook payload to determine the cause of failure. The most common reasons include failed authentication (3D-Secure) and declines.
We do not send this webhook for payments that cannot be processed due to invalid data being supplied. These scenarios are handled by returning error details in the appropriate API responses (see Getting Started for more details).
Example Webhook
{
"id": "evt_4y7rv0p7zqv0f9arfsyr50864t",
"type": "payment_failed",
"occurred_at": "2019-08-24T14:15:22Z",
"data": {
"id": "pay_473cr1y0ghbyc3m1yfbwvn3nxx",
"status": "declined",
"reference": "ORD-123456"
}
}
Handling Webhooks
All webhooks are submitted to the provided URL via a HTTP POST
request. The content type of the request body is application/json
.
To confirm that you have successfully handled the webhook, return any successful 2xx
HTTP status code. Any other status code will be treated as a failure and the webhook will be retried.
Webhooks will be retried a maximum of 10 times.
Webhook Verification (coming soon)
In order to verify incoming webhooks and ensure they have been generated by getpaid, the webhook request will include a GetPaid-Signature
header that you can use to validate the authenticity of the provided data.