Mandate webhooks
Notifications sent to your webhook URI registered in the Console, when a mandate becomes authorized, fails, or is revoked.
Below are the webhook types that you can receive as a mandate moves through its lifecycle.
Configure the URI where you receive webhooks in Console.
All our webhooks include these headers:
Field | Type | Description |
---|---|---|
X-TL-Webhook-Timestamp | ISO-8601 Timestamp | Time that the webhook was sent to you. This will be in the following format: 2020-05-18T10:17:47Z. |
TL-Signature | string | JSON web signature with a detached payload of the form {HEADER}..{SIGNATURE} All incoming webhook requests must have verified signatures, or you risk accepting fraudulent payment status events. |
Webhook bodies are encoded in JSON format with the following fields:
Field | Type | Description |
---|---|---|
type | string | Event type |
event_id | string | A UUID for the event |
event_version | string | Version of the event type |
Webhooks may include additional fields. See the specific event webhook for more information.
mandate_authorized
Notification that a mandate was authorised.
Field | Type | Description |
---|---|---|
type | string | Type of the event ("mandate_authorized" ) |
event_id | string | A UUID for the event |
event_version | string | The version of the event schema |
mandate_id | string | The unique ID for the mandate |
authorized_at | datetime | An RFC-3339 timestamp of when the mandate was authorized |
metadata | object | Custom key-value data supplied during mandate creation |
mandate_failed
Notification that a mandate failed.
Field | Type | Description |
---|---|---|
type | string | Type of the event ("mandate_failed" ) |
event_id | string | A UUID for the event |
event_version | string | The version of the event schema |
mandate_id | string | The unique ID for the mandate |
failed_at | datetime | An RFC-3339 timestamp of when the mandate failed to be authorized |
failure_stage | string | An enum identifying where the mandate failed in it's lifecycle. Can be one of "authorization_required" , "authorizing" , "authorized" |
failure_reason | string | The reason the payment failed. Example values to expect: "authorization_failed" , "provider_error" , "provider_rejected" , "internal_server_error" , "invalid_sort_code" , "invalid_request" , "unknown_error" . Implementations should expect other values, since there may be more failure reasons added in future |
metadata | object | Custom key-value data supplied during mandate creation |
mandate_revoked
Notification that a mandate was revoked.
Field | Type | Description |
---|---|---|
type | string | Type of the event ("mandate_revoked" ) |
event_id | string | A UUID for the event |
event_version | string | The version of the event schema |
mandate_id | string | The unique ID for the mandate |
revoked_at | datetime | An RFC-3339 timestamp of when the mandate was revoked |
revocation_source | string | An enum identifying who revoked the mandate. Can be one of "client" , "provider" |
metadata | object | Custom key-value data supplied during mandate creation |
Updated 2 months ago