Skip to content

Webhooks

A Webhook is an API that provides with real-time information.

Info

SIBS uses webhooks to inform the merchants regarding changes to a transaction payment status.

The Merchant can receive the notifications either by email or endpoint (notification assembling to the status inquiry – Checkout Status), however only a notification will be sent for each transaction. 

Notifications sent straight to the endpoint (URL) configured by the Merchant. The parameterisation of this endpoint needs to be done on the SIBS BackOffice. 

Each time that SIBS Gateway receives an update on the payment status of a transaction, a notification will be sent with the new transaction paymentStatus

Every day SIBS Gateway sends a summarised email with the newest failed notifications (email needs to be registered on the Backoffice). 

Notification

There is no guarantee on the order of messages, especially if the time difference between the notifications is smaller than the time it takes to process them or by any communication or systems issues. Once the issues are sort out, new notifications will arrive in real time and old notifications will be resent. In case that no notification is received, the option “Checkout Status” should be used before rejecting any transaction.

Notifications are sent as HTTPS callbacks (webhooks) to an endpoint on your server. Please ensure you have a valid SSL certificate chain. Self-signed certificates are not valid. 

To receive notifications, you need a server that has: 
  • An endpoint that can receive an HTTP POST. 
  • An open TCP port for HTTPS traffic (443, 80) with TLSv1.2. 

Depending on your network and security requirements, you might also need to add our network to your firewall’s whitelist. 

To ensure that your server is properly accepting notifications, we require you to acknowledge every notification of any type with an HTTP 200 and a response containing: 

{
    "statusCode": "200",
    "statusMsg": "Success",
    "notificationID": "2533e456-5e36-42c8-9eea-7961902f185e"
} 
When your server receives a notification it should: 
  • 1. Decrypt the notification

  • 2. Store the notification in your database

  • 3. Acknowledge the notification with an HTTP 200 OK and the following response body:

{
    "statusCode": "200",
    "statusMsg": "Success",
    "notificationID": "2533e456-5e36-42c8-9eea-7961902f185e"