Authorization event
This webhook event is triggered when a payment authorization has been processed, notifying your system that funds have been successfully reserved on the customer's payment method. The event includes transaction details, payment method information, and authentication status to help you track and manage authorized payments.
Webhook Example
{
"checkoutReference": "9eh9g1loq8ygdmtj1kw47dbogkr2qyijyen53hnglpx2eq4213",
"payfacReference": "OOJWITWVQV42PSE8",
"merchantReference": "89807267361535",
"amount": "100000",
"currency": "ISK",
"reason": "383528:1111:03/2030",
"success": "true",
"hmacSignature": "V/iaRHNyBnmqVG1mRCZUQo7HTX2sZGgDsJzajV1hOVs=",
"additionalData": {
"eventType": "Authorization",
"authCode": "123456",
"cardExpiryDate": "03/2030",
"cardUsage": "Debit",
"cardNumber": "411111******1111",
"cardSummary": "1111",
"paymentMethod": "VI",
"threeDAuthenticated": "false",
"paymentLinkIdentifier": "78c5ec6ea95477",
"paymentLinkDescription": "Payment for Custom T-shirt Design",
}
}
Headers
In the Authorization header, we will set the matching Api key for your webhook.
Fields
You will always get these fields.
| Field | Type | Description |
|---|---|---|
| checkoutReference | nullable string | Unique identifier for the payment that was done through a checkout. |
| payfacReference | string | Unique identifier for the transaction generated by the payment service provider. |
| merchantReference | nullable string | The identifier for the transaction provided by you, the merchant, allowing for correlation with the merchant’s system. |
| amount | string | The transaction amount in the minor currency unit. |
| currency | string | The three-letter ISO currency code. |
| reason | nullable string | A field that provides additional context in case of transaction errors or declines, helping diagnose specific issues. |
| success | string | Indicates the transaction status (true/false). |
| hmacSignature | string | A cryptographic signature generated using a secret, enabling verification of the message authenticity and ensuring it hasn’t been tampered with. |
| additionalData | object | An object for the additional details included in the event. |
Additional Data Fields
Fields you will get depend on the event type of the webhook.
| Field | Type | Description |
|---|---|---|
| eventType | string | A string representing the type of event that occurred. |
| authCode | nullable string | An authorization code is a unique series of letters or numbers generated by a card issuer or bank to validate a card transaction. |
| cardExpiryDate | nullable string | Card expiration date in "MM/yyyy" format. |
| cardNumber | nullable string | A partially masked PAN. |
| cardSummary | nullable string | Last 4 digits of PAN. |
| cardUsage | nullable string | The source of funds used for a authorization. |
| paymentMethod | nullable string | The payment method used in the authorization. |
| threeDAuthenticated | nullable string | Indicates if 3D Secure authentication was completed for this authorization. |
| untokenizedCardSummary | nullable string | Last 4 digits of original PAN in case of network payment. |
| paymentLinkIdentifier | nullable string | A unique identifier for the payment link used to create authorization. |
| paymentLinkDescription | nullable string | A human-readable description of the payment link. |