Overview
Webhooks deliver real-time notifications when payment and request events occur. Configure your endpoints to receive HMAC-signed POST requests with automatic retry logic and comprehensive event data.Webhook Configuration
Webhooks are managed programmatically via the Auth API atauth.request.network β there is no Dashboard UI for webhook CRUD. Each webhook is scoped to the Client ID that creates it; events for any payment link or request created with that Client ID are delivered to that webhook.
Create a webhook
Manage webhooks
All endpoints acceptx-client-id and operate on the webhooks owned by that Client ID.
Open the Auth API Scalar docs to call these interactively with your wallet session β signing in to the Dashboard sets the session cookie thatβs shared across all
*.request.network services.
Local Development
Use ngrok to receive webhooks locally, then pass the public URL toPOST /v1/webhook:
Event Types
See Payload Examples below for detailed webhook structures.
Payment Events (core)
Payment Events (Client ID-scoped)
Emitted in addition to the core events when the originating request was created with a Client ID. Payload includes extraclientId and origin fields.
Payment Events (Checkout / Secure Payment-scoped)
Emitted in addition to the core events when the request was created via a Secure Payment / checkout flow.Processing Events
Request Events
Compliance Events
Security Implementation
Signature Verification
Every webhook includes an HMAC SHA-256 signature in thex-request-network-signature header:
Security Requirements
- HTTPS only: Production webhooks require HTTPS endpoints
- Always verify signatures: Never process unverified webhook requests
- Keep secrets secure: Store signing secrets as environment variables
- Return 2xx for success: Any 2xx status code confirms successful processing
Request Headers
Each webhook request includes these headers:Retry Logic
Automatic Retries
- Max attempts: 3 retries (4 total attempts)
- Retry delays: 1s, 5s, 15s
- Trigger conditions: Non-2xx response codes, timeouts, connection errors
- Timeout: 5 seconds per request
Response Handling
Error Logging
Request API logs all webhook delivery failures with:- Endpoint URL
- Attempt number
- Error details
- Final failure after all retries
Payload Examples
All payment events include anexplorer field linking to Request Scan for transaction details.
Common Fields:
requestId/requestID: Unique identifier for the payment requestpaymentReference: Short reference, also unique to a request, used to link payments to the requesttimestamp: ISO 8601 formatted event timestamppaymentProcessor: Eitherrequest-network(crypto) orrequest-tech(fiat)
Payment Confirmed
Payment Processing
Payment Partial
Payment Failed
Compliance Updated
Implementation Examples
For a complete working example, see Webhook reconciliation which implements webhook handling for payment notifications.- Express.js
- Next.js
Testing
Test deliveries
Fire a test webhook from the Auth API:x-request-network-test: true header so handlers can branch on test vs real.
Test Webhook Identification
Test webhooks include thex-request-network-test: true header:
Best Practices
Error Handling
- Implement idempotency: Use delivery IDs to prevent duplicate processing
- Graceful degradation: Handle unknown event types without errors
Performance
- Timeout management: Complete processing within 5 seconds
Troubleshooting
Common Issues
Signature verification fails:- Check your signing secret matches the value returned by
POST /v1/webhookat creation - Ensure youβre using the raw request body for signature calculation
- Verify HMAC SHA-256 implementation
- Confirm endpoint URL is accessible via HTTPS
- Verify endpoint returns 2xx status codes
- Confirm the webhook is
activeviaGET /v1/webhook(toggle withPUT /v1/webhook/:id)
Debugging Tips
- Use ngrok request inspector to see raw webhook data
- Monitor retry counts in headers to identify issues
- Fire test deliveries via
POST /v1/webhook/test
Related Documentation
Webhooks & Events
High-level webhook concepts and workflow
Webhook reconciliation
Complete webhook implementation example
Authentication
API credential setup and webhook security
Request Dashboard
Manage Client IDs and payment destinations (webhooks are managed via the Auth API above)