Webhooks
透過 API 的串接進行 Webhook 主題的訂閱
Webhook topics
Topic | Event |
---|---|
payment_result | 付款結果 |
merchant_file_review | 商家檔案審核 |
Webhook payload
payment_result
payload
{
"ConnectId": "26c06b86-1324-48b6-8017-29e4efa649e6",
"RequestId": "09020f76-1405-4db2-b30a-ba30de629c05",
"Status": "Success",
"OrderNo": "12345678",
"PaymentNo": "12345678",
"PaymentIntentId": "pp_1a304818ced44e5cbeab6107400da3c4",
"TransactionNo": "4000002312251234756",
"PaidAt": "2023-12-25T18:10:00+00:00",
"CreatedAt": "2023-12-25T18:00:00+00:00",
"Amount": 100,
"Currency": "TWD",
"PaymentType": "CreditCard",
"PaymentSubtype": "",
"PayLink": {
"uuid": "8ab210b5-e1f4-4242-b344-7c3a56c08ba9"
},
"Meta": {
"LastFourDigitsOfCard": "1234",
"ApprovalCode": "123456",
"CardType": "",
"Installments": 1
}
}
Webhook headers
除了payload
之外,每個 Webhook 訊息還具有各種包含附加的標頭。
例如,payment_result
包含以下標頭:
X-Payment-Center-Topic: `payment_result`
X-Payment-Center-Webhook-Id: `999`
X-Payment-Center-Hmac-Sha256: `F9E1AB6630980C7B4701798046C1E2BFF1EC7E6DDF70CA27E5AD66A0B27ED575`
X-Payment-Center-API-Version: `v1`
X-Payment-Center-Triggered-At: `2023-12-25T18:00:00+00:00`
驗證 webhook
在回應 Webhook 之前,您需要驗證 Webhook 是否是從 PayNow 發送的。您可以透過數位簽章來驗證 Webhook。
每個 Webhook 請求都包含一個HMAC-SHA256的 X-Payment-Center-Hmac-Sha256
標頭,該標頭是使用用戶端{{YOUR_PRIVATE_KEY}}
以及請求中發送的payload
產生的。
響應 webhooks
當您收到 Webhook 之一時,您需要執行以下操作:
- 透過使用系列狀態代碼進行回應,確認您已收到請求
200
。