Webhooks

Use webhooks to be notified about specific events. Each webhook is signed to ensure its authenticity. An unlimited number of webhook endpoints can be created.

Possible Events

order.created

(Pending) Order has been created

order.processed

Order has been processed and offset

order.canceled

Pending order has been canceled

order.refunded

Order has been refunded

payment_link.created

A new checkout link has been created

payment_link.paid

Checkout link successfully used

Receiving Webhooks

Create a New Webhook Endpoint

We send a POST request to the URL defined in the webhook endpoint. Here is an example of what a request body looks like:

1
2
3
4
5
6
7
8
9
10
11
12
{
  "trigger": "order.created",
  "created_at": "2022-02-03T02:23:47.404Z",
  "ident": "8ed1bae2-9ca4-4c3c-8fee-669334c783da",
  "signature": "a871c6067afef4cb7040c0b445f7df0503067d7af41dc95e554c47da94a553260c29051d377f5b5447f060a2d0833745177facfeb8c43daa96e9b181bc66cd88",
  "testing": false,
  "webhook_content": {
    "order_ids": [
      "CA-A949-E43D48E1",
    ]
  }
}

Webhooks validieren

Validate the authenticity of the webhook call using the signature and the webhook secret. To do this, combine the fields trigger, ident, and the webhook secret into a string as in the example and encrypt it with SHA512. The resulting encrypted string must match the signature.

Retrieve Webhook Secret

1
2
3
4
5
6
7
const validation = sha512(request.body.trigger + request.body.ident + your_webhook_secret);

if (request.body.signature !== validation) {
  return response.status(401).send() //Unauthenticated
}

//ToDo: implement the webhook request

No credit card required - Create an account now

Create an account and start calculating and compensating CO2 emissions directly via our API. Do you have questions or need a custom offer? Use the chat or schedule an appointment with our sales team.

Questions? Chat with us