Limited Availability Release

Recent Revisions to This Document

About This Guide

VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introducing Webhooks
- Webhooks Benefits
- Webhooks Requirements
- Webhooks Workflow Options

Set Up Webhooks
- Mutual Trust Subscriptions
  - Set Up Server Security
  - Creating a Shared Secret Key Pair
  - Request a Digital Signature Key
    - Required Fields for Digital Signature Key
    - Example: Requesting a Digital Signature Key
  - Products and Events
    - Request a List of Products and Events
    - Example: Requesting a List Products and Event
  - Subscribe to Webhooks Using Mutual Trust
    - Required Fields for Subscribing to Webhooks Using Mutual Trust
    - Optional Fields for Subscribing to Webhooks Using Mutual Trust
    - Example: Creating a Webhook Subscription Using Mutual Trust
    - Notification Scope
    - Health Check URL
    - Subscription Status
    - Product and Event Types
  - Notification Format
    - Example: Notification Payload
- OAuth Subscriptions
  - Set Up Server Security
  - Creating a Shared Secret Key Pair
  - Request a Digital Signature Key
    - Required Fields for Digital Signature Key
    - Example: Requesting a Digital Signature Key
  - Send OAuth Credentials
    - Required Fields for Sending Your OAuth Credentials
    - Example: Sending Your OAuth Credentials
  - Products and Events
    - Request a List of Products and Events
    - Example: Requesting a List Products and Event
  - Subscribe to Webhooks Using OAuth
    - Required Fields for Subscribing to Webhooks Using OAuth
    - Optional Fields for Subscribing to Webhooks Using OAuth
    - Example: Creating a Webhook Subscription Using OAuth
    - Notification Scope
    - Health Check URL
    - Subscription Status
    - Product and Event Types
  - Notification Format
    - Example: Notification Payload
- OAuth with JWT Subscriptions
  - Set Up Server Security
  - Creating a PKCS12 File
  - Request a Digital Signature Key
    - Required Fields for Digital Signature Key
    - Example: Requesting a Digital Signature Key
  - Send OAuth Credentials
    - Required Fields for Sending Your OAuth Credentials
    - Example: Sending Your OAuth Credentials
  - Products and Events
    - Request a List of Products and Events
    - Example: Requesting a List Products and Event
  - Subscribe to Webhooks Using OAuth with JWT
    - Required Fields for Subscribing to Webhooks Using OAuth with JWT
    - Optional Fields for Subscribing to Webhooks Using OAuth with JWT
    - Example: Creating a Webhook Subscription Using OAuth with JWT
    - Notification Scope
    - Health Check URL
    - Subscription Status
    - Product and Event Types
  - Notification Format
    - Example: Notification Payload

Managing Subscriptions
- Retrieving the Details of a Webhook Subscription
  - Example: Retrieving the Details of a Webhook Subscription
- Retrieving an Organization's Subscriptions Using the Product and Event
  - Required Query Parameters for Retrieving an Organization's Subscriptions Using the Product and Event
  - Example: Retrieving an Organization's Subscriptions Using the Product and Event
- Updating a Webhook Subscription
  - Example: Updating a Webhook Subscription
- Deleting a Webhook Subscription
  - Example: Deleting a Webhook Subscription

Troubleshooting Webhook Subscriptions

REST API Keys
- Creating a REST API Key

Optional Tasks
- Notification Validation
  - Digital Signature Format
  - Validating a Notification
  - Example: Validating a Notification
- Retry Policy
  - Example: Retry Policy in a Subscription Request
- Notification Replay
  - Replaying Notifications Using Transaction Trace Identifiers
    - Required Field for Replaying Notifications Using Transaction Trace Identifiers
    - Example: Replaying Notifications Using Transaction Trace Identifiers
  - Replaying Notifications Using Start Time and End Time
    - Required Fields for Replaying Notifications Using Start and End time
    - Example: Replaying Notifications Using Start and End Time
  - Replaying Notifications Using Hours Back
    - Required Fields for Replaying Notifications using Hours Back
    - Example: Replaying Notifications Using Hours Back
- Testing API Requests
  - Triggering a Test Webhook Notification Using the Token Management Service

On This Page

REST API

Notification Validation

Webhook notifications are sent with a digital signature that you can use to validate the integrity of the notification and prevent replay attacks. You must first generate a digital signature key.

Related Information

Request a Digital Signature Key