What are Webhooks?
Webhooks allow you to receive real-time notifications about events in your Sturdy Technologies account. When an event occurs (like a transaction completing or a card being created), we send an HTTP POST request to a URL you specify.Setting Up Webhooks
- Configure your endpoint: Set up an HTTPS endpoint on your server to receive webhook events
- Register your webhook URL: Contact support or use the dashboard to register your webhook URL
- Verify webhook signatures: Validate incoming webhooks using the signature header
- Respond quickly: Return a
200 OKresponse within 5 seconds
Webhook Payload Structure
All webhook events follow a consistent structure:Common Fields
event_id: Unique identifier for this webhook event (use for deduplication)event_type: The type of event that triggered the webhooktimestamp: ISO 8601 timestamp of when the event occurreddata: Event-specific payload data
Webhook Events
Transaction Events
Payment completion and failure notifications
Card Events
Virtual card lifecycle and transaction events
Account Events
Bank account creation and balance updates
User Events
User account creation and deletion
Best Practices
Handle Idempotency
Handle Idempotency
Use the
event_id to prevent processing the same event multiple times.
Store processed event IDs and check before processing.Respond Quickly
Respond Quickly
Return a
200 OK response immediately. Process the webhook asynchronously to
avoid timeouts.Verify Signatures
Verify Signatures
Always verify the webhook signature to ensure the request came from Sturdy
Technologies.
Handle Retries
Handle Retries
We’ll retry failed webhooks with exponential backoff. Make sure your
endpoint is idempotent.
Retry Policy
If your endpoint doesn’t respond with a200 OK status code, we’ll retry the webhook:
- Retry 1: After 1 minute
- Retry 2: After 5 minutes
- Retry 3: After 15 minutes
- Retry 4: After 1 hour
- Retry 5: After 6 hours