POST request to your registered webhook URL with the final status.
Setting up your webhook URL
Reeple doesn’t currently offer a self-service dashboard for webhook configuration. Contact Reeple to register your webhook URL. Make sure the URL is publicly reachable and doesn’t require authentication to accept the request.
Payload shape
| Field | Data type | Description |
|---|---|---|
event | String | transfer.success, transfer.failed, charge.success, or charge.failed |
data | Object | The transaction details: amount, fee, currency, status, reference |
data.amount | Number | Transaction amount |
data.fee | Number | Transaction fee |
data.currency | String | Transaction currency |
data.status | String | success or failed |
data.reference | String | Transaction reference — use this to look up the transaction via Get transaction by reference |
Verifying webhook requests
Only process webhook requests you can verify came from Reeple. Every request includes anx-reeple-signature header — an HMAC-SHA512 hash of the raw request body, signed with your secret key. Recompute the hash yourself and compare it using a constant-time check before trusting the payload.
Best practices
- Use HTTPS — always serve your webhook URL over HTTPS.
- Respond quickly — return a
2xxstatus as soon as you’ve accepted the event, and do slower processing (database writes, notifications) asynchronously. - Be idempotent — the same event may be delivered more than once. Design your handler so processing it twice is safe.
- Log events — keep a record of received webhooks for debugging and auditing.
- Handle retries — a failed or timed-out delivery may be retried, so don’t assume a single delivery attempt.