API Overview

Webhooks Implementation Guide
- Recent Revisions to This Document
- VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to Webhooks
- Webhooks Integration Overview
- Supported Products and Event Types

Set Up Your Security

Create REST API Keys
- Create a Shared Secret Key Pair
- Create a P12 Certificate

Create a Digital Signature Key

(Optional) Provide Your OAuth Credentials

Retrieve a List of Products and Events

Message-Level Encryption
- Preparing Your Workspace
- Generate Certificate and Key Pair
- Register the Certificate
  - Required Fields for Registering Your Message-Level Encryption Keys
  - Example: Registering Your Certificate
  - REST Interactive Example: Registering Your Certificate
- Security Best Practices
- Troubleshooting
- Viewing Certificate Details

Create a Webhook Subscription
- Create a Webhook Subscription
- Create a Webhook Subscription Using OAuth
- Create a Webhook Subscription Using OAuth with JWT
- Create a Sample Webhook Subscription

Optional Set-Up Tasks
- Webhook Health Check URL and Automatic Revalidation
- Configure the Retry Policy

Webhook Notification Field Descriptions

Example: Notification Payload

Manage Webhook Subscriptions Requests
- Retrieve the Details of a Webhook Subscription
- Retrieve All of an Organization's Subscriptions
- Update a Webhook Subscription
- Delete a Webhook Subscription
- Verify a Webhook Subscription's Configuration
- Activate a Webhook Subscription
- Deactivate a Webhook Subscription

Troubleshooting Webhook Subscriptions

On This Page

Message-Level Encryption

Message-level encryption (MLE) encrypts the payload of a message to prevent tampering. Payment and Unified Checkout events require message-level encryption. This section explains how to create the key that is necessary to decrypt encrypted payloads. To see which events require message-level encryption, see Supported Products and Event Types.

The webhook notification service requires X.509 certificates instead of raw public keys for MLE. The service uses:

Symmetric Encryption
: AES-GCM with 256-bit keys

Asymmetric Encryption
: RSA-OAEP with 2048-bit keys

Format
: JSON Web Encryption

Separate key pairs for request and response transactions

Prerequisite

OpenSSL must be installed on your system.

You must have access to terminal/command line.

You must appropriate permissions to create the asymmetric key in the Cybersource system.

Back to top