Our webhooks deliver real-time notifications whenever specific events occur on your account. These events can encompass a range of activities, from successful transactions to failed transactions.

Validating Webhooks

Merchants can easily validate webhooks received from the Kyshi platform using the following steps:

Signature Inclusion: Every webhook sent includes a signature in the headers. This signature is the encrypted webhook data using the merchant's webhook secret key.

Validation on Merchant's End: Merchants can perform the same encryption process on their end using their secret key. They can then compare the resulting signature with the one received. If the signatures match, the merchant can proceed with processing the webhook. However, if the signatures do not match, the merchant must discard the webhook and refrain from processing it.

Webhook events

Here are the events we currently raise. We would add more to this list as we hook into more actions in the future

successfulA successful charge was made

Webhook Parameters And Description

Here are the webhook parameters and their corresponding descriptions:

eventThe webhook event type that was triggered
dataObject containing all transaction details
data.referenceThis is the unique reference generated for the collection
data.amountThe total amount charged for the payout, including transaction fees
data.customerThis is a object that contains customer(s) details
data.customer.idA unique identifier of the customer we just charged the funds
data.customer.firstNameThe first name of the customer we just charged the funds
data.customer.lastNameThe last name of the customer we just charged the funds
data.customer.emailThe email address of the customer we just charged the funds
data.customer.phoneThe phone number of the customer we just charged the funds
data.authorizationThe authorization object contains respective card details or details of what was charged to complete a transaction
data.authorization.authorizationCodeA unique identifier of the said payment mode. this can be reuse
data.authorization.cardTypeThe type of card that was charged
data.authorization.brandthe card brand
data.authorization.last4Cards last four digit
data.authorization.binBIN (Bank Identification Number)
data.authorization.expMonthCard expiry month
data.authorization.expYearCard expiry year
data.logRespective Logs of the API activity