Skip to main content

What you’ll build

A webhook handler that receives signed payment events from Request Network, verifies the signature, and triggers your downstream systems — order fulfillment, invoice closeout, accounting entries, customer email. Polling-free, idempotent, retry-safe. Audience: any backend integrating Request Network where payment events drive state changes downstream.

The 12 events

For the full payload schemas, see the Webhooks reference.

Setup

1

Get a Client ID

Complete steps 1–3 of the Quickstart. Note your clientId.
2

Register your webhook URL

POST https://auth.request.network/v1/webhook with header x-client-id: <yours> and body { "url": "https://yourapp.com/webhooks/request-network" }.Save the returned secret immediately — it’s only shown once.
3

Test delivery

Fire a test event from the auth API docs with body { "eventType": "payment.confirmed" }. The request will arrive with header x-request-network-test: true.

Handler — reference implementation

A signature-verifying Express handler with idempotency. Hardened for production: verifies against the raw body, uses constant-time comparison, deduplicates on x-request-network-delivery.

Headers reference

Retry policy

After 4 total attempts (initial + 3 retries) the delivery is dropped. Triggers: any non-2xx response, timeout, connection error. Default request timeout is 5s.

Common patterns

Idempotency

The same payment.confirmed event might arrive twice (network blip, retry overlap). Dedupe on x-request-network-delivery.

Routing by Client ID

If your platform has many merchants, give each their own Client ID. The webhook payload includes clientId so you can route events to the right tenant.

Slack alerts on failure

Crypto-to-fiat status tracking

The payment.processing event includes a subStatus field that progresses through initiated → pending_internal_assessment → ongoing_checks → sending_fiat → fiat_sent. Surface this in your UI so the payee sees real-time offramp progress.

Local development

Use ngrok to expose localhost during development:
Local URLs (localhost, 127.0.0.1) are accepted by the auth API for testing. HTTPS is required in production.

Webhooks reference

Full payload schemas for every event type.

Webhooks & Events

High-level concepts and event categories.