Add Webhook

Add Webhook

curl --request POST \
  --url https://secureapi.tender.cash/v1/api/webhook \
  --header 'Content-Type: <content-type>' \
  --header 'authorization: <api-key>' \
  --header 'x-access-id: <x-access-id>' \
  --header 'x-request-id: <x-request-id>' \
  --header 'x-timestamp: <x-timestamp>' \
  --data '
{
  "url": "https://example.com/webhook",
  "description": "Transaction notifications",
  "eventTypes": [
    "transaction_completed"
  ],
  "headers": {
    "api-key": "your-api-key"
  }
}
'

{
  "status": "<string>",
  "message": "<string>",
  "data": {
    "_id": "<string>",
    "merchantId": "<string>",
    "description": "<string>",
    "url": "<string>",
    "eventTypes": [
      "<string>"
    ],
    "headers": {},
    "isActive": true,
    "isDeleted": true,
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}

POST

api

webhook

Add Webhook

curl --request POST \
  --url https://secureapi.tender.cash/v1/api/webhook \
  --header 'Content-Type: <content-type>' \
  --header 'authorization: <api-key>' \
  --header 'x-access-id: <x-access-id>' \
  --header 'x-request-id: <x-request-id>' \
  --header 'x-timestamp: <x-timestamp>' \
  --data '
{
  "url": "https://example.com/webhook",
  "description": "Transaction notifications",
  "eventTypes": [
    "transaction_completed"
  ],
  "headers": {
    "api-key": "your-api-key"
  }
}
'

{
  "status": "<string>",
  "message": "<string>",
  "data": {
    "_id": "<string>",
    "merchantId": "<string>",
    "description": "<string>",
    "url": "<string>",
    "eventTypes": [
      "<string>"
    ],
    "headers": {},
    "isActive": true,
    "isDeleted": true,
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}

Headers

authorization

string

required

Base64-encoded HMAC-SHA256 signature of the request payload using the API secretMinimum string length: 1Example:

"5e73d044c44d733fcf819ad3409aaaddca840d421b69cb0b04e2c750fc62e-ce7526d36296237663ad1f06f62a730c0466516507196b3ce6567493c-c52a7cf63d"

x-timestamp

string

required

Current timestamp in ISO 8601 formatExample: "2025-03-15T09:45:53.000Z"

x-request-id

string

required

Unique identifier for the request (UUID v4)Example: "550e8400-e29b-41d4-a716-446655440000"

x-access-id

string

required

Your API access ID provided by TenderExample: "your-access-id-here"

Content-Type

string

required

Media type of the request bodyExample: "application/json"

Body

url

string

required

Webhook endpoint URL to receive event notificationsExample: "https://example.com/webhook"

description

string

Description of the webhook purposeExample: "Transaction notifications"

eventTypes

array

required

Array of event types to subscribe toExample: ["transaction_completed"]

headers

object

Custom headers to include in webhook requests (optional)Example: { "api-key": "your-api-key" }

Response

status

string

required

Status of the API requestExample: "success"

message

string

required

Human-readable message describing the resultExample: "success"

data

object

required

The created webhook configuration

Show data properties

_id

string

Unique MongoDB identifier for the webhookExample: "691069ff947a702cfad9e861"

merchantId

string

Merchant ID associated with the webhookExample: "6538e8f9bdec6d1a21978a64"

description

string

Description of the webhookExample: "new example webhooks"

url

string

Webhook endpoint URLExample: "https://exampleiop.com"

eventTypes

array

Array of subscribed event typesExample: ["transaction_completed"]

headers

object

Custom headers for webhook requestsExample: { "api-key": "allow-requior" }

isActive

boolean

Whether the webhook is currently activeExample: true

isDeleted

boolean

Whether the webhook has been deletedExample: false

createdAt

string

ISO 8601 timestamp when the webhook was createdExample: "2025-11-09T10:16:31.594Z"

updatedAt

string

ISO 8601 timestamp when the webhook was last updatedExample: "2025-11-09T10:18:35.286Z"

__v

number

Version key for MongoDB documentExample: 0

Authorizations

authorization

string

header

required

HMAC-SHA256 signature. Required headers: x-access-id, x-request-id (UUID), x-timestamp (ISO), authorization (HMAC signature)

Headers

authorization

string

required

Base64-encoded HMAC-SHA256 signature of the request payload using the API secret

x-timestamp

string<date-time>

required

Current timestamp in ISO 8601 format

x-request-id

string<uuid>

required

Unique identifier for the request (UUID v4)

x-access-id

string

required

Your API access ID provided by Tender

Content-Type

string

required

Media type of the request body

Body

application/json

url

string<uri>

required

Webhook endpoint URL

Example:

"https://example.com"

eventTypes

string[]

required

Event types to subscribe to

Example:

["transaction_completed"]

description

string

Description of the webhook

Example:

"Transaction notifications"

headers

object

Custom headers to include in webhook requests

Example:

{ "api-key": "your-api-key" }

Response

200 - application/json

Webhook created successfully

status

string

message

string

data

object

Show child attributes

Fetch Exchange Rates Fetch Webhook

Overview

Agents & businesses

Payment

System

Webhooks

Headers

Body

Response

Authorizations

Headers

Body

Response

Overview

Agents & businesses

Payment

System

Webhooks

​Headers

​Body

​Response

Authorizations

Headers

Body

Response

Headers

Body

Response