Craftgate regularly transmits the results and information of the following transactions to a URL that you define from merchant panel. Thus, you can follow the results of all your payment transactions made through Craftgate, even if the payment flow is interrupted, and you can plan your flows according to the payment results.
In the 3DS payment flow, your requests to the
callbackUrl address are made through the browser. Requests to
callbackUrl address may not be met if the end user stops the flow or problems occur in the user’s internet.
Therefore, our webhook services can be especially useful for tracking 3DS payments and detecting user behavior.
In order to activate the Webhook notification, the
Merchant Webhook URL field under Craftgate panel
General Settings must be filled in. When you accept the
POST requests as the webhook URL
and enter a URL that returns
2xx from the
HTTP codes, Craftgate will send the relevant data after the payments.
Payment, 3D payment and 3D secure verification results are sent to the webhook address you specified in JSON format
POST http method.
While 3DS payment
3D Modelwhich means you should call 3DS complete after 3DS verification,
THREEDS_VERIFYevent type will be sent after 3DS verification and
API_AUTHevent type after 3DS complete.
3D Pay Model, only
API_VERIFY_AND_AUTHevent will be sent instead of
CHECKOUTFORM_AUTHwill be sent.
||The date the request is created|
||Indicates for which operation the request is sent. Values can be:
||The status information of the operation. Values can be:
||ID value of the payment or token information of the Payment Form|
In order to confirm that the requests received on your webhook URL are sent from the Craftgate system,
x-cg-signature sent between the HTTP headers should be checked. The
x-cg-signature is calculated by combining
String the fields sent in the request and taking the Hash with the
For example, when
eventType+eventTime+status+payloadId information is combined as a String for the payment with ID
2150001, which was successfully received on 2022-01-01T09:30:32.123456 using API
When you hash this with the Merchant Webhook Key value in the Craftgate
Merchant Panel Settings section and you get
the Base64 encoded version, the result equals to the