API Overview

Webhooks Implementation Guide
- Limited Availability Release
- Recent Revisions to This Document
- VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to Webhooks

How to Prepare Your System to Support Webhooks

How to Set Up Webhook Subscriptions

Supported Products and Event Types

Set Up Your Server Security

Create REST API Keys
- Create a Shared Secret Key Pair
- Create a P12 Certificate

Create a Digital Signature Key

Provide Your OAuth Credentials

Retrieve a List of Products and Events

Create a Webhook Subscription
- Create a Webhook Subscription Using Mutual Trust
- Create a Webhook Subscription Using OAuth
- Create a Webhook Subscription Using OAuth with JWT
- Examples of all Products and Event Types

Optional Set-Up Tasks
- Webhook Health Check URL and Automatic Revalidation
- Configure the Retry Policy
- Validate a Webhook Notification

Webhook Notification Header and Message Body Descriptions

Create a Sample Webhook Subscription

Manage Webhook Subscriptions Requests
- Retrieve the Details of a Webhook Subscription
- Retrieve all of an Organization's Subscriptions
- Update a Webhook Subscription
- Delete a Webhook Subscription
- Verify a Webhook Subscription's Configuration
- Activate a Webhook Subscription
- Deactivate a Webhook Subscription

Troubleshooting Webhook Subscriptions

On This Page

Validating a Notification

Follow these steps to validate the integrity of your webhook notifications.

Separate the signature parameters with a semicolon (;) and extract the

t

,

keyId

, and

sig

values.

Use the

keyId

value to fetch the digital signature key.

Generate the payload by concatenating the timestamp with a period (.) and the payload from the body of the notification.

Use the SHA256 algorithm to encrypt the generated payload from Step 3 using the key from Step 2.

Verify that the encrypted value matches the value in

sig

parameter.

Back to top