Skip to main content
🔔

Webhook

Receive real-time event notifications pushed directly to your server — no polling required. Radix delivers a signed payload to your registered URL whenever a transfer, collection, or card event occurs.

Push — no polling🔏 SHA-256 HMAC signed📨 4 event types

How Webhooks Work

1
Register your webhook URL

Use the Update Key Webhook endpoint in Settings to register the URL Radix will POST events to. Only one URL is active at a time.

2
Receive event payloads

When a qualifying event occurs (a payment received, transfer completed, card authorised, or collection account deactivated), Radix sends a signed POST request to your URL with the event payload.

3
Verify the signature

Every request includes an X-Radix-Signature header. Compute a SHA-256 HMAC of the payload using your secret key and compare it against this header before processing the event. Reject any request where signatures do not match.

4
Process and respond

If the signature is valid, process the event and respond with HTTP 200. Radix considers any non-2xx response a delivery failure. Use the Test Webhook URL endpoint to verify your endpoint is reachable before going live.

Signature Verification

What to hash varies by event type
  • Inward Transfers — hash the entire request body (stringified JSON)
  • Outward Transfers, Card Authorisation, Collection Account Deactivation — hash only the data object from the body (stringified JSON)

Always check the per-event reference page for the exact hashing instruction.

Test before going live

Use the Test Webhook URL endpoint to send a sample payload to your server. Supports credit, debit, and card_authorisation event types.

Reference Pages

Security & Testing
Event Types