Set up a webhook

post/companies/{companyId}/webhooks

Subscribe to receive webhook notifications about events related to your company account. You can add basic authentication to make sure the data is secure.

To make this request, your API credential must have the following roles:

Management API—Webhooks read and write

Endpoint destination URL

https://management-test.adyen.com/v1/companies/{companyId}/webhooks

Path Parameters

Required

Optional

Unique identifier of the company account.

Request Parameters

Required

Optional

Indicates if expired SSL certificates are accepted. Default value: false.

Indicates if self-signed SSL certificates are accepted. Default value: false.

Indicates if untrusted SSL certificates are accepted. Default value: false.

Indicates if the webhook configuration is active. The field must be true for us to send webhooks about events related an account.

Additional shopper and transaction information to be included in your standard notifications. Find out more about the available additional settings.

Show children

Format or protocol for receiving webhooks. Possible values:

soap
http
json

Your description for this webhook configuration.

Shows how merchant accounts are filtered when configuring the webhook.

Possible values:

allAccounts : Includes all merchant accounts, and does not require specifying filterMerchantAccounts.
includeAccounts : The webhook is configured for the merchant accounts listed in filterMerchantAccounts.
excludeAccounts : The webhook is not configured for the merchant accounts listed in filterMerchantAccounts.

A list of merchant account names that are included or excluded from receiving the webhook. Inclusion or exclusion is based on the value defined for filterMerchantAccountType.

Required if filterMerchantAccountType is either:

includeAccounts
excludeAccounts

Not needed for filterMerchantAccountType: allAccounts.

Network type for Terminal API notification webhooks. Possible values:

public
local

Default Value: public.

Password to access the webhook URL.

Indicates if the SOAP action header needs to be populated. Default value: false.

Only applies if communicationFormat: soap.

SSL version to access the public webhook URL specified in the url field. Possible values:

TLSv1.3
TLSv1.2
HTTP - Only allowed on Test environment.

If not specified, the webhook will use sslVersion: TLSv1.2.

The type of webhook that is being created. Possible values are:

standard
account-settings-notification
banktransfer-notification
boletobancario-notification
directdebit-notification
ach-notification-of-change-notification
pending-notification
ideal-notification
ideal-pending-notification
report-notification
rreq-notification

Find out more about standard notification webhooks and other types of notifications.

Public URL where webhooks will be sent, for example https://www.domain.com/webhook-endpoint.

Max length: 255

Username to access the webhook URL.

Response parameters

After submitting a call, you receive a response message to inform you that your request was received and processed.

Depending on the HTTP status code of the response message, it is helpful to build some logic to handle any errors that a request or the system may return.

HTTP Responses

200 - OK
The request has succeeded.
Show moreShow less
_linksobject
References to resources connected with this webhook.
Show children Hide children
companyobject
The company account that the webhook is configured for. Only present for company-level webhooks.
Show children Hide children
hrefstring
generateHmacobject
Generate an HMAC key.
Show children Hide children
hrefstring
merchantobject
The merchant account that the webhook is configured for. Only present for merchant-level webhooks.
Show children Hide children
hrefstring
selfobject
Link to the resource itself.
Show children Hide children
hrefstring
testWebhookobject
Test the webhook setup.
Show children Hide children
hrefstring
acceptsExpiredCertificateboolean
Indicates if expired SSL certificates are accepted. Default value: false.
acceptsSelfSignedCertificateboolean
Indicates if self-signed SSL certificates are accepted. Default value: false.
acceptsUntrustedRootCertificateboolean
Indicates if untrusted SSL certificates are accepted. Default value: false.
accountReferencestring
Reference to the account the webook is set on.
activeboolean
Indicates if the webhook configuration is active. The field must be true for you to receive webhooks about events related an account.
additionalSettingsobject
Additional shopper and transaction information to be included in your standard notifications. Find out more about the available additional settings.
Show children Hide children
excludeEventCodesarray[string]
Object containing list of event codes for which the notifcation will not be sent.
includeEventCodesarray[string]
Object containing list of event codes for which the notifcation will be sent.
propertiesobject
Object containing boolean key-value pairs. The key can be any standard webhook additional setting, and the value indicates if the setting is enabled. For example, captureDelayHours: true means the standard notifications you get will contain the number of hours remaining until the payment will be captured.
certificateAliasstring
The alias of our SSL certificate. When you receive a notification from us, the alias from the HMAC signature will match this alias.
communicationFormatstring
Format or protocol for receiving webhooks. Possible values:

soap

http

json

descriptionstring
Your description for this webhook configuration.
filterMerchantAccountTypestring
Shows how merchant accounts are included in company-level webhooks. Possible values:

includeAccounts

excludeAccounts

allAccounts: Includes all merchant accounts, and does not require specifying filterMerchantAccounts.

filterMerchantAccountsarray[string]
A list of merchant account names that are included or excluded from receiving the webhook. Inclusion or exclusion is based on the value defined for filterMerchantAccountType.

Required if filterMerchantAccountType is either:

includeAccounts

excludeAccounts

Not needed for filterMerchantAccountType: allAccounts.
hasErrorboolean
Indicates if the webhook configuration has errors that need troubleshooting. If the value is true, troubleshoot the configuration using the testing endpoint.
hasPasswordboolean
Indicates if the webhook is password protected.
hmacKeyCheckValuestring
The checksum of the HMAC key generated for this webhook. You can use this value to uniquely identify the HMAC key configured for this webhook.
idstring
Unique identifier for this webhook.
networkTypestring
Network type for Terminal API details webhooks.
populateSoapActionHeaderboolean
Indicates if the SOAP action header needs to be populated. Default value: false.

Only applies if communicationFormat: soap.
sslVersionstring
SSL version to access the public webhook URL specified in the url field. Possible values:

TLSv1.3

TLSv1.2

HTTP - Only allowed on Test environment.

If not specified, the webhook will use sslVersion: TLSv1.2.
typestring
The type of webhook. Possible values are:

standard

account-settings-notification

banktransfer-notification

boletobancario-notification

directdebit-notification

ach-notification-of-change-notification

pending-notification

ideal-notification

ideal-pending-notification

report-notification

terminal-api-notification

Find out more about standard notification webhooks and other types of notifications.
urlstring
Public URL where webhooks will be sent, for example https://www.domain.com/webhook-endpoint.
usernamestring
Username to access the webhook URL.
400 - Bad Request
A problem reading or understanding the request.
Show more Show less
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[InvalidFieldWrapper]
Detailed explanation of each validation error, when applicable.
Show children Hide children
InvalidFieldobject
Show children Hide children
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
401 - Unauthorized
Authentication required.
Show more Show less
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[InvalidFieldWrapper]
Detailed explanation of each validation error, when applicable.
Show children Hide children
InvalidFieldobject
Show children Hide children
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
403 - Forbidden
Insufficient permissions to process the request.
Show more Show less
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[InvalidFieldWrapper]
Detailed explanation of each validation error, when applicable.
Show children Hide children
InvalidFieldobject
Show children Hide children
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
422 - Unprocessable Entity
A request validation error.
Show more Show less
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[InvalidFieldWrapper]
Detailed explanation of each validation error, when applicable.
Show children Hide children
InvalidFieldobject
Show children Hide children
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.
500 - Internal Server Error
The server could not process the request.
Show more Show less
detailstring
A human-readable explanation specific to this occurrence of the problem.
errorCodestring
A code that identifies the problem type.
instancestring
A unique URI that identifies the specific occurrence of the problem.
invalidFieldsarray[InvalidFieldWrapper]
Detailed explanation of each validation error, when applicable.
Show children Hide children
InvalidFieldobject
Show children Hide children
messagestring
Description of the validation error.
namestring
The field that has an invalid value.
valuestring
The invalid value.
requestIdstring
A unique reference for the request, essentially the same as pspReference.
responseobject
JSON response payload.
statusinteger
The HTTP status code.
titlestring
A short, human-readable summary of the problem type.
typestring
A URI that identifies the problem type, pointing to human-readable documentation on this problem type.

Set up a webhook

Path Parameters

Request Parameters

Response parameters

HTTP Responses

200 - OK

400 - Bad Request

401 - Unauthorized

403 - Forbidden

422 - Unprocessable Entity

500 - Internal Server Error