Webhooks
Receive real-time notifications when checkout events occur. Webhooks are the primary way to know when a payment is confirmed.
Setup
Configure your webhook URL in the Volr Dashboard under Project Settings > Checkout Config, or via CLI:
volr checkout setup
You'll receive a webhook secret (whsec_...) for signature verification.
Handling Webhooks
import { VolrCheckout, type WebhookPayload } from '@volr/checkout-sdk';
app.post('/webhooks/volr', express.raw({ type: 'application/json' }), async (req, res) => {
const signature = req.headers['x-volr-signature'] as string;
const event = req.headers['x-volr-event'] as string;
const payload = req.body.toString();
// 1. Verify signature
const isValid = await VolrCheckout.verifySignature(
payload,
signature,
process.env.VOLR_WEBHOOK_SECRET!,
);
if (!isValid) {
return res.status(401).send('Invalid signature');
}
// 2. Parse and handle event
const webhookEvent: WebhookPayload = JSON.parse(payload);
switch (webhookEvent.event) {
case 'checkout.paid':
await handlePaymentConfirmed(webhookEvent.data);
break;
case 'checkout.expired':
await handleCheckoutExpired(webhookEvent.data);
break;
case 'checkout.cancelled':
await handleCheckoutCancelled(webhookEvent.data);
break;
case 'checkout.settled':
await handleSettlement(webhookEvent.data);
break;
case 'checkout.late_paid':
await handleLatePaid(webhookEvent.data);
break;
}
// 3. Return 200 quickly
res.status(200).send('OK');
});
주의
Always verify the webhook signature before processing. Never trust unverified webhook payloads.
Webhook Events
| Event | Description | When |
|---|---|---|
checkout.paid | Payment confirmed on-chain | Customer payment is verified |
checkout.expired | Checkout expired | No payment received before expiry |
checkout.cancelled | Checkout was cancelled | Merchant cancelled the checkout |
checkout.settled | Funds settled to merchant | Payment fully settled |
checkout.late_paid | Late payment received | Payment arrived after expiry |