Webhooks

Webhooks play an important part in your integration of Cashramp. They are how we'll notify you of any changes that happen to the transactions you initiate, such as a user cancelling, no agents being available, or a successful payment.

Cashramp webhook payload structure

All Cashramp webhook payloads follow the same structure:

  • an event_type field describing the type of event

  • a data object whose contents vary with the type of event.

Here are sample payloads for the different kinds of webhook notifications you might receive:

{
  "event_type": "payment_request.updated",
  "data": {
    "id": "TWVyY2hhbnRQYXltZW50UmVxdWVzdC05ZmQ1Zjk5OS0zOTQzLTRkNTgtYjZmYy02ZmUzYmZkYTM3OGU=",
    "reference": "test_ref_022",
    "status": "completed",
    "customer": {
      "id": "TWVyY2hhbnRDdXN0b21lci0xZmNiYTgzNi01MDNmLTQyMjYtYjgzYy02NzIzNjMxNDM0YWI=",
      "email": "engineering@useaccrue.com",
      "wallet_address": null,
      "country": "GH",
      "currency": "GHS"
    },
    "p2p_payment": {
      "id": "UDJQUGF5bWVudC0xOGRmNmJiNC1hNmQ2LTQyMWUtYjQ0MS04YmFiMmE2YzQ5Yjc=",
      "exchange_rate": "7.95",
      "amount": "159.0",
      "amount_usd": "20.0",
      "fee": "0.3",
    },
    "onchain_address": null,
    "onchain_cryptocurrency": null,
    "onchain_txhash": null,
  }
}

You should respond to our webhook events immediately with 200 OK HTTP status code. Any other response code will be treated as a failed delivery of the event.

Remember to return 200 OK before starting any long-running tasks. Long-running tasks will lead to a request timeout.

Best practices

Webhook Token Verification

Your webhook URL is publicly accessible, and bad actors can send fake data to it in an attempt to trick your application into releasing value to them.

Webhook events sent from Cashramp carry a X-CASHRAMP-TOKEN header. You should check that the header's value matches your webhook token before processing the event.

Last updated