API Overview

Webhooks Implementation Guide
- Limited Availability Release
- Recent Revisions to This Document
- VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introducing Webhooks
- Webhooks Benefits
- Webhooks Requirements
- Webhooks Workflow Options

Set Up Webhooks
- Subscribing to Webhooks Using Mutual Trust
  - Setting Up Server Security
  - Create a Shared Secret Key Pair
  - Requesting a Digital Signature Key
    - Required Fields for Requesting a Digital Signature Key
    - Example: Requesting a Digital Signature Key
  - Products and Events
    - Requesting a List of Products and Events
    - Example: Requesting a List Products and Event
  - Subscribing to Webhooks Using Mutual Trust
    - Required Fields for Subscribing to Webhooks Using Mutual Trust
    - Optional Fields for Subscribing to Webhooks Using Mutual Trust
    - Example: Creating a Webhook Subscription Using Mutual Trust
    - Notification Scope
    - Health Check URL
    - Subscription Status
    - Product and Event Types
  - Notification Format
    - Example: Notification Payload
- Subscribing to Webhooks Using OAuth
  - Setting Up Server Security
  - Create a Shared Secret Key Pair
  - Requesting a Digital Signature Key
    - Required Fields for Requesting a Digital Signature Key
    - Example: Requesting a Digital Signature Key
  - Sending OAuth Credentials
    - Required Fields for Sending Your OAuth Credentials
    - Example: Sending Your OAuth Credentials
  - Products and Events
    - Requesting a List of Products and Events
    - Example: Requesting a List Products and Event
  - Subscribing to Webhooks Using OAuth
    - Required Fields for Subscribing to Webhooks Using OAuth
    - Optional Fields for Subscribing to Webhooks Using OAuth
    - Example: Creating a Webhook Subscription Using OAuth
    - Notification Scope
    - Health Check URL
    - Subscription Status
    - Product and Event Types
  - Notification Format
    - Example: Notification Payload
- Subscribing to Webhooks Using OAuth with JWT
  - Setting Up Server Security
  - Create a P12 File
  - Requesting a Digital Signature Key
    - Required Fields for Requesting a Digital Signature Key
    - Example: Requesting a Digital Signature Key
  - Sending OAuth Credentials
    - Required Fields for Sending Your OAuth Credentials
    - Example: Sending Your OAuth Credentials
  - Products and Events
    - Requesting a List of Products and Events
    - Example: Requesting a List Products and Event
  - Subscribe to Webhooks Using OAuth with JWT
    - Required Fields for Subscribing to Webhooks Using OAuth with JWT
    - Optional Fields for Subscribing to Webhooks Using OAuth with JWT
    - Example: Creating a Webhook Subscription Using OAuth with JWT
    - Notification Scope
    - Health Check URL
    - Subscription Status
    - Product and Event Types
  - Notification Format
    - Example: Notification Payload

Managing Subscriptions
- Retrieving the Details of a Webhook Subscription
  - Example: Retrieving the Details of a Webhook Subscription
- Retrieving an Organization's Subscriptions Using the Product and Event
  - Required Query Parameters for Retrieving an Organization's Subscriptions Using the Product and Event
  - Example: Retrieving an Organization's Subscriptions Using the Product and Event
- Updating a Webhook Subscription
  - Example: Updating a Webhook Subscription
- Deleting a Webhook Subscription
  - Example: Deleting a Webhook Subscription
- Testing a Webhook Subscription
  - Example: Testing a Webhook Subscription
- Activating a Webhook Subscription
  - Example: Activate a Webhook Subscription
- Deactivating a Webhook Subscription
  - Example: Deactivate a Webhook Subscription

Troubleshooting Webhook Subscriptions

Health Check URL

Create REST API Keys
- Create a P12 File
- Create a Shared Secret Key Pair

Requesting a Digital Signature Key

Product and Event Types
- Requesting a List of Products and Events

Optional Tasks
- Notification Validation
  - Digital Signature Format
  - Validating a Notification
  - Example: Validating a Notification
- Retry Policy
  - Example: Retry Policy in a Subscription Request
- Test Webhook Requests
  - Test Webhook Notification

Notification Validation

Webhook notifications are sent with a digital signature that you can use to validate the integrity of the notification and prevent replay attacks. You must first generate a digital signature key.

Related Information

Requesting a Digital Signature Key for Mutual Trust

Requesting a Digital Signature Key for OAuth

Requesting a Digital Signature Key for OAuth with JWT