Skip to main content
POST
cURL

Authorizations

Authorization
string
header
required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password.

Headers

Idempotency-Key
string

A unique key for making the request idempotent. Must match pattern: ^[a-zA-Z0-9\-_:\.]+$. See Idempotent Requests for more details.

Maximum string length: 255
Pattern: ^[a-zA-Z0-9\-_:\.]+$

Body

application/json
eventSigner
string
required

Secret used to sign outbound webhook events. Provide a value that you will use to verify the signature.

Example:

"secret_key"

endpoint
string
required

Public HTTPS URL where xPay should POST webhook events.

Example:

"https://your-webhook-endpoint.com/webhook"

subscribedEventTypes
string[]
required

List of event types to subscribe to. Refer to webhook events for the full list of available events.

Example:

Response

Webhook configuration created successfully. Returns the identifier of the newly created webhook.

Response payload returned after successfully creating a webhook configuration.

webhookConfigId
string
required

Identifier of the newly created webhook configuration.

Example:

"whc_gKAi2oZN1AeU7BfV"