Create Webhook
Registers a new webhook endpoint limited to domains already approved on your point of sale configuration. A maximum of 10 active webhooks is allowed per merchant. Each webhook must subscribe to one or more supported events and include a shared secret used as the value of the `Authorization` header when sending webhook. Webhooks that fail more than 50% of the time during the previous week will automatically be paused with reason `ERROR_RATE_TOO_HIGH`. This helps ensure stable operation by minimizing excessive webhook retries. :::info Webhooks are not required Webhooks are separate from the main payment flow and act as a general event notification system. You should use them only if you need to track changes to your ePay data in a system that is different from the one initiating the request. For all payment-related operations, you should use the `notificationUrl` provided in each request. This is the primary mechanism for receiving the outcome of a payment or operation. :::
Authorization
BearerAuth In: header
Header Parameters
Ensures that a request can be safely retried without causing duplicate operations. Typically used for actions like payment creation and operations such as refund and void to prevent accidental double processing. - If a response is replayed due to using the same key, the response will include the header `Idempotent-Replayed: true`. - Idempotency keys are scoped by **[Key, Endpoint, HTTP Verb]**; the same key on a different endpoint or method will not replay the original response. - Responses are cached for **24 hours**. After that, the cache is cleared, so idempotency is only guaranteed within 24 hours of the initial request.
Request Body
application/json
Webhook configuration payload.
TypeScript Definitions
Use the request body type in TypeScript.
Payload for registering a webhook endpoint.
HTTPS URL that will receive webhook notifications. Must match one of your approved point-of-sale domains.
uriList of webhook events to subscribe to. Duplicate values are rejected.
1 <= items"transaction.success.v1""transaction.failed.v1""transaction.captured.v1""transaction.refunded.v1""transaction.voided.v1""transaction.renewed.v1""subscription.disabled.v1""subscription-billing.charge-created.v1""subscription-billing.charge-success.v1""subscription-billing.charge-failed.v1""subscription-billing.agreement-active.v1""subscription-billing.agreement-stopped.v1""settlement.transfer-ready.v1"Shared secret used as the value of the `Authorization` header during webhook callback.
1 <= length <= 2048Response Body
application/json
application/json
application/json
application/json
List Webhooks
Returns a paginated list of active webhooks configured for the authenticated merchant. Use this endpoint to audit webhook destinations, verify subscribed events, and ensure each webhook aligns with your point-of-sale domains. Webhooks are not required Webhooks are separate from the main payment flow and act as a general event notification system. You should use them only if you need to track changes to your ePay data in a system that is different from the one initiating the request. For all payment-related operations, you should use the notificationUrl provided in each request. This is the primary mechanism for receiving the outcome of a payment or operation.
Delete Webhook
Deletes a webhook configuration, stopping ePay from delivering further notifications to the URL. Webhooks are not required Webhooks are separate from the main payment flow and act as a general event notification system. You should use them only if you need to track changes to your ePay data in a system that is different from the one initiating the request. For all payment-related operations, you should use the notificationUrl provided in each request. This is the primary mechanism for receiving the outcome of a payment or operation.