API Overview

Webhooks Implementation Guide
- Recent Revisions to This Document
- VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to Webhooks
- Webhooks Integration Overview
- Supported Products and Event Types

Set Up Your Security

Create REST API Keys
- Create a Shared Secret Key Pair
- Create a P12 Certificate

Create a Digital Signature Key

(Optional) Provide Your OAuth Credentials

Retrieve a List of Products and Events

Message-Level Encryption
- Preparing Your Workspace
- Generate Certificate and Key Pair
- Register the Certificate
  - Required Fields for Registering Your Message-Level Encryption Keys
  - Example: Registering Your Certificate
- Security Best Practices
- Troubleshooting
- Viewing Certificate Details

Create a Webhook Subscription
- Create a Webhook Subscription
- Create a Webhook Subscription Using OAuth
- Create a Webhook Subscription Using OAuth with JWT
- Create a Sample Webhook Subscription

Optional Set-Up Tasks
- Webhook Health Check URL and Automatic Revalidation
- Configure the Retry Policy

Webhook Notification Field Descriptions

Example: Notification Payload

Manage Webhook Subscriptions Requests
- Retrieve the Details of a Webhook Subscription
- Retrieve All of an Organization's Subscriptions
- Update a Webhook Subscription
- Delete a Webhook Subscription
- Verify a Webhook Subscription's Configuration
- Activate a Webhook Subscription
- Deactivate a Webhook Subscription

Troubleshooting Webhook Subscriptions

On This Page

Message-Level Encryption

IMPORTANT

Payment and Unified Checkout events require message-level encryption. To see the event types and product IDs for Payment and Unified Checkout events, see Supported Products and Event Types.

Message-level encryption (MLE) encrypts the payload of a message to prevent tampering. This section explains how to create the key that is necessary to decrypt encrypted payloads.

The webhook notification service requires X.509 certificates instead of raw public keys for MLE. The service uses:

Symmetric Encryption
: AES-GCM with 256-bit keys

Asymmetric Encryption
: RSA-OAEP with 2048-bit keys

Format
: JSON Web Encryption

Separate key pairs for request and response transactions

Prerequisite

OpenSSL must be installed on your system.

You must have access to terminal/command line.

You must have appropriate permissions to create the asymmetric key in the Visa Acceptance Solutions system.

Back to top