Webhooks

Use webhooks to get notified about certain events. Each webhook is signed to ensure authenticity. Any number of webhook endpoints can be created.

Create new webhook endpoint

Possible events

`order.created`	(Pending) Order has been created
`order.processed`	Order has been processed and compensated
`order.canceled`	Pending order was discarded
`order.refunded`	Order was reversed
`payment_link.created`	A new payment link was created
`payment_link.paid`	Payment Link successfully used

Receive webhook

We send a POST request to the URL defined in the webhook endpoint. This is what an example of a request body looks like:

1
2
3
4
5
6
7
8
9
10
{
  "trigger": "order.created",
  "created_at": "2022-02-03T02:23:47.404Z",
  "ident": "8ed1bae2-9ca4-4c3c-8fee-669334c783da",
  "signature": "a871c6067afef4cb7040c0b445f7df0503067d7af41dc95e554c47da94a553260c29051d377f5b5447f060a2d0833745177facfeb8c43daa96e9b181bc66cd88",
  "testing": false,
  "webhook_content": {
    "order_id": "CA-A949-E43D48E1"
  }
}

Validate Webhook

Validate the authenticity of the webhook calls using the signature and the private key. Combine the fields trigger, ident and the private key to a string like in the example and encrypt it with SHA512. The resulting encrypted string must match signature.

Retrieve private key

1
2
3
4
5
6
7
const validation = sha512(request.body.trigger + request.body.ident + your_private_key);

if (request.body.signature !== validation) {
  return response.status(401).send() //Unauthenticated
}

//ToDo: implement the webhook request

Ready to start? Contact us or create an account directly.

Create an account and start directly with the calculation and compensation of CO2 emissions via our API. You still have questions or need an individual offer? Use the chat or make an appointment with our sales team.

Create an account now

Chat with us

Schedule a meeting