What are Webhooks?
Webhooks are HTTP callbacks that FossaPay sends to your server when events occur in your account. They enable you to receive real-time notifications about payments, payouts, settlements, and other important events.Webhooks eliminate the need for polling and ensure your application stays in sync with FossaPay in real-time.
Why Use Webhooks?
Real-time Updates
Get notified immediately when events occur
Reduce Polling
No need to constantly check for updates
Automated Workflows
Trigger actions automatically based on events
Better UX
Update your users instantly about transaction status
Webhook Events
Deposit Events
Withdrawal Events
Transfer Events
Wallet Events
Setting Up Webhooks
Configure Webhook URL
Set your webhook endpoint in the dashboard or via API: Via Dashboard:- Go to Settings → Webhooks
- Enter your webhook URL
- Copy the webhook secret
Webhook URL Requirements
Your webhook endpoint must:- Use HTTPS (HTTP not allowed in production)
- Respond within 30 seconds
- Return a 2xx status code for successful receipt
- Handle duplicate events gracefully
Webhook Payload
All webhooks follow this structure:Implementing Webhook Handler
Basic Handler (Node.js/Express)
Python/Flask Example
Security
Signature Verification
FossaPay signs all webhooks with HMAC SHA256:Retry Logic
If your endpoint doesn’t respond with a 2xx status, FossaPay retries:
After 5 failed attempts, the webhook is marked as failed and no more retries occur.
Idempotency
Webhooks may be delivered more than once. Implement idempotent handling:Testing Webhooks
Local Testing with ngrok
Simulate Webhooks
Test your webhook handler with simulated events:Webhook Logs
View webhook delivery logs in your dashboard:- Go to Settings → Webhooks
- Scroll down to “Webhook Events”
- Filter by event type
- Replay failed webhooks
Best Practices
Respond Quickly
Respond Quickly
Always return 200 immediately, then process asynchronously:
Verify Signatures
Verify Signatures
Never trust webhooks without signature verification:
Handle Duplicates
Handle Duplicates
Use event_id or transaction_id to detect duplicates:
Log Everything
Log Everything
Log all webhook receipts for debugging and auditing:
Monitor Failures
Monitor Failures
Set up alerts for webhook failures:
Webhook Payload Examples
Deposit Completed (Crypto)
Deposit Completed (Fiat)
Withdrawal Completed
Transfer Completed
Transfer Failed
Wallet Balance Updated
Next Steps
Configure Webhooks
Set up your webhook endpoint
View Webhook Logs
Monitor webhook deliveries
Collections Guide
Handle payment webhooks
Payouts Guide
Handle payout webhooks

