Webhooks

We notify your web applications whenever transaction statuses change through web-hooks. We expect you to set your web-hook URL under your merchant account API settings by now.

Introduction

Webhook

Is also know as web callback or HTTP push API. It's a way for an app to provide other applications with real-time information or data.

The data can also be referred to as webhook or callback data.

The HTTP URL reserved to receive the data from another application(Dusupay) is called a webhook or callback URL

Therefore webhook and callback can be used inter-changeably

Webhook-hash

With reference to the webhook definition or understanding above, the webhook-hash is an extra piece of information that we include in the data sent to the webhook URL.

If you set your webhook-hash value under your merchant account API settings to say "XYZ", we will include a header webhook-hash with value "XYZ" Header: "webhook-hash: XYZ" This means that before your application where the webhook URL targets, receives data from Dusupay, it should first verify that the header "webhook-hash" contains the expected value "XYZ" known between Dusupay and the application receiving the information sent to the webhook URL as an extra level of security

NOTE We don't generate or provide you the webhook hash You are expected to simply generate a random string of at least 16 characters that cannot be guessed. Use it as the webhook hash value wherever you require to and set it under your merchant account.

NOTES

  1. All collection and payout transaction callbacks will be sent to the URL set as the webhook url under your merchant account API settings.

  2. A POST request with json data will be sent to your webhook url

  3. We require that you provide a secure webhook url. Therefore only, https URLs can be set or notified.

  4. You will need to acknowledge receipt of the callback by responding with the HTTP status code 200. Otherwise, we might keep calling your webhook URL at an interval of 10 minutes for 3 days.

  5. To ensure that the callback data sent to your webhook URL comes from our servers, you need to set a callback hash under the Api Settings.

  6. We will include a header called, webhook-hash in the request sent to the callback URL. e.g "webhook-hash: ***"

    You should check to make sure the, webhook-hash we sent matches what was set under your merchant account before giving value to the customer.

Responding to webhooks

  • We will stop calling you back if your callback URL responds with “HTTP status codes” below;

Code

Description

200

- OK

400

- Bad Request

401

- Unauthorised

403

- Forbidden

422

- Unprocessable entity.

Rejecting webhook

  • In a scenario where the transaction cannot be processed or you cannot give value, respond with HTTP codes below;

Code

Description

400

- Bad Request. - e.g when there’s a missing parameter

422

- Unprocessable entity. - e.g when the request is fine but you cannot complete it because the amount does not match what you expected.

KEYNOTE

Always verify the, amount to make sure it matches what is meant to be paid before giving value to the customer.

{
    "id": 226,
    "request_amount": 0.2,
    "request_currency": "USD",
    "account_amount": 737.9934,
    "account_currency": "UGX",
    "transaction_fee": 21.4018,
    "total_credit": 716.5916,
    "customer_charged": false,
    "provider_id": "mtn_ug",
    "merchant_reference": "76859aae-f148-48c5-9901-2e474cf19b71",
    "internal_reference": "DUSUPAY405GZM1G5JXGA71IK",
    "transaction_status": "COMPLETED",
    "transaction_type": "collection",
    "message": "Transaction Completed Successfully",
    "account_number": "256777111786 - Optional",
    "account_name": "- Optional",
    "institution_name": "MTN Mobile Money - Optional"
}

Last updated