API Overview

Webhooks Implementation Guide
- Limited Availability Release
- Recent Revisions to This Document
- VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to Webhooks

How to Prepare Your System to Support Webhooks

How to Set Up Webhook Subscriptions

Supported Products and Event Types

Set Up Your Server Security

Create REST API Keys
- Create a Shared Secret Key Pair
- Create a P12 Certificate

Create a Digital Signature Key

Provide Your OAuth Credentials

Retrieve a List of Products and Events

Create a Webhook Subscription
- Create a Webhook Subscription Using Mutual Trust
- Create a Webhook Subscription Using OAuth
- Create a Webhook Subscription Using OAuth with JWT
- Examples of all Products and Event Types

Optional Set-Up Tasks
- Webhook Health Check URL and Automatic Revalidation
- Configure the Retry Policy
- Validate a Webhook Notification

Webhook Notification Header and Message Body Descriptions

Create a Sample Webhook Subscription

Manage Webhook Subscriptions Requests
- Retrieve the Details of a Webhook Subscription
- Retrieve all of an Organization's Subscriptions
- Update a Webhook Subscription
- Delete a Webhook Subscription
- Verify a Webhook Subscription's Configuration
- Activate a Webhook Subscription
- Deactivate a Webhook Subscription

Troubleshooting Webhook Subscriptions

Digital Signature Format

When you receive a webhook notification from Cybersource, it contains a

v-c-signature

header in this format:

-c-signature: t=1617830804768;keyId=bf44c857-b182-bb05-e053-34b8d30a7a72;sig=CzHY47nzJgCSD/BREtSIb+9l/=";

The header contains these three parameters concatenated with semicolons:

t

: The timestamp at which the digital signature key was created.

keyId

: The digital signature key ID.

sig

: The digital signature. It is encrypted using the HMAC-SHA256 algorithm.

How to Create Your Digital Signature

Create your own digital signature using the above format. Use the key values you received from creating a digital signature key in your digital signature. When you request the creation of a digital signature key, the response contains a digital signature key
and a key ID
. The digital signature key is in the

keyInformation.keyinformation.key

field and the key ID is in the

keyInformation.keyinformation.keyId

field.