Webhooks

Use webhooks to be notified about certain events. Each webhook is signed to ensure authenticity. Any number of webhook endpoints can be created.

Possible events

order.created(Pending) Order has been created
order.processedOrder was processed and compensated
order.canceledPending order was rejected
order.refundedOrder was canceled
payment_link.createdA new payment link has been created
payment_link.paidPayment link successfully used

Receive webhooks

We send a POST request to the URL defined in the webhook endpoint. This is what an example of a request body looks like:

1
2
3
4
5
6
7
8
9
10
11
12
{
  "trigger": "order.created",
  "created_at": "2022-02-03T02:23:47.404Z",
  "ident": "8ed1bae2-9ca4-4c3c-8fee-669334c783da",
  "signature": "a871c6067afef4cb7040c0b445f7df0503067d7af41dc95e554c47da94a553260c29051d377f5b5447f060a2d0833745177facfeb8c43daa96e9b181bc66cd88",
  "testing": false,
  "webhook_content": {
    "order_ids": [
      "CA-A949-E43D48E1",
    ]
  }
}

Webhook validation

Validate the authenticity of the webhook call using the signature and the private key. Combine the fields trigger, ident and the private key to a string as in the example and encrypt it with SHA512. The resulting encrypted string must match signature.

1
2
3
4
5
6
7
const validation = sha512(request.body.trigger + request.body.ident + your_private_key);

if (request.body.signature !== validation) {
  return response.status(401).send() //Unauthenticated
}

//ToDo: implement the webhook request

Related resources

API

Payment Links

Pricing


Do you still have questions?

No credit card required - Create an account now

Create an account and start calculating and offsetting CO2 emissions directly via our API. Do you still have questions or need a customized offer? Use the chat or make an appointment directly with our sales team.