Webhooks

透過 API 的串接進行 Webhook 主題的訂閱

Webhook topics

Topic	Event
payment_result	付款結果
merchant_file_review	商家檔案審核

Webhook payload

payment_resultpayload

{
    "ConnectId": "26c06b86-1324-48b6-8017-29e4efa649e6",
    "RequestId": "09020f76-1405-4db2-b30a-ba30de629c05",
    "Status": "Success",
    "OrderNo": "12345678",
    "PaymentNo": "12345678",
    "PaymentIntentId": "pp_1a304818ced44e5cbeab6107400da3c4",
    "TransactionNo": "4000002312251234756",
    "PaidAt": "2023-12-25T18:10:00+00:00",
    "CreatedAt": "2023-12-25T18:00:00+00:00",
    "Amount": 100,
    "Currency": "TWD",
    "PaymentType": "CreditCard",
    "PaymentSubtype": "",
    "PayLink": {
        "uuid": "8ab210b5-e1f4-4242-b344-7c3a56c08ba9"
    },
    "Meta": {
        "LastFourDigitsOfCard": "1234",
        "ApprovalCode": "123456",
        "CardType": "",
        "Installments": 1
    }
}

Webhook headers

除了payload之外，每個 Webhook 訊息還具有各種包含附加的標頭。

例如，payment_result 包含以下標頭：

X-Payment-Center-Topic: `payment_result`
X-Payment-Center-Webhook-Id: `999`
X-Payment-Center-Hmac-Sha256: `F9E1AB6630980C7B4701798046C1E2BFF1EC7E6DDF70CA27E5AD66A0B27ED575`
X-Payment-Center-API-Version: `v1`
X-Payment-Center-Triggered-At: `2023-12-25T18:00:00+00:00`

驗證 webhook

在回應 Webhook 之前，您需要驗證 Webhook 是否是從 PayNow 發送的。您可以透過數位簽章來驗證 Webhook。

每個 Webhook 請求都包含一個HMAC-SHA256的 X-Payment-Center-Hmac-Sha256 標頭，該標頭是使用用戶端{{YOUR_PRIVATE_KEY}}以及請求中發送的payload產生的。

響應 webhooks

當您收到 Webhook 之一時，您需要執行以下操作：

透過使用系列狀態代碼進行回應，確認您已收到請求200。

Webhooks

Webhook topics​

Webhook payload​

Webhook headers​

驗證 webhook​

響應 webhooks​

Webhook topics

Webhook payload

Webhook headers

驗證 webhook

響應 webhooks