For Verification, create a base64 hash using HmacSHA256 using Published-Timestamp header as message and your API key as secret. The result should match the Signature header.
- Card upgrade to physical details
Card state change
Card authorisation
Card adjustment
Card settlement
Card expiry and renewal
Card replacement
Card upgrade to physical...
Weavr Webhook (v2)
Download OpenAPI description
Overview
URL
Languages
Servers
Mock server
https://api.weavr.io/_mock/products/webhooks/openapi
https://api.weavr.io/""
Headers
Bodyapplication/jsonrequiredA call reference generated by the caller and unique to the caller to provide correlation between the caller and system with a maximum length of 255
The timestamp, expressed in Epoch timestamp using millisecond precision, when this event was published.
The signature to verify the authenticity of this request. This is the base64 hash (HmacSHA256) of the call-ref + payload + published-timestamp using your API key.
The id of the managed card on which the event occurred.
The type of event.
Enum"CARD_ABOUT_TO_EXPIRE""CARD_EXPIRED""CARD_RENEWED"
The state of the instrument.
The state of the instrument indicating what it can and cannot do as follows:
- ACTIVE: The instrument is in an active state and can be used in transactions.
- BLOCKED: The instrument is temporarily blocked and cannot be used. Any funds on the instrument are also frozen. The
blockedReasonprovides more information as to why it was blocked. - DESTROYED: The instrument has been permanently destroyed. The
destroyReasonprovides more information as to why it was destroyed. - NOT_ENABLED: The instrument is not enabled for use, since the linked user has not completed all necessary verification steps.
Enum"ACTIVE""BLOCKED""DESTROYED""NOT_ENABLED"
The reason why the instrument has been blocked:
- USER: The root, or an authorised user, of the identity owning the instrument has temporarily blocked the instrument.
- SYSTEM: The platform or an administrator of the platform has temporarily blocked the instrument.
- LOST: The instrument has been blocked because it was marked as lost.
Enum"USER""SYSTEM""LOST"
The reason why the instrument has been destroyed:
- SYSTEM: The platform or an administrator of the platform has destroyed the instrument.
- USER: The root, or an authorised user, of the identity owning the instrument has destroyed the instrument.
- LOST: The instrument was automatically destroyed as it was marked as lost.
- STOLEN: The instrument was automatically destroyed as it was marked as stolen.
- EXPIRED: The instrument was automatically destroyed as it expired.
- COMPROMISED: The instrument was automatically destroyed as it was marked as compromised.
Enum"SYSTEM""USER""LOST""STOLEN""EXPIRED""COMPROMISED"
Indicates how the card will be handled once it is close to expiring.
- RENEW: The card will be automatically renewed, keeping the same card number but with a new expiry date and CVV.
- NO_RENEW: Once the expiry date is reached, the card is destroyed.
Enum"RENEW""NO_RENEW"
- Mock serverhttps://api.weavr.io/_mock/products/webhooks/openapi/managed_cards/expiries/watch
- https://api.weavr.io/""/managed_cards/expiries/watch
application/json
{ "id": { "id": "string", "type": "managed_cards" }, "eventType": "CARD_ABOUT_TO_EXPIRE", "state": { "state": "ACTIVE", "blockedReason": "USER", "destroyedReason": "SYSTEM" }, "cardType": "VIRTUAL", "expiryMmyy": "string", "renewalType": "RENEW", "renewalTimestamp": "string" }
Headers
Bodyapplication/jsonrequiredA call reference generated by the caller and unique to the caller to provide correlation between the caller and system with a maximum length of 255
The timestamp, expressed in Epoch timestamp using millisecond precision, when this event was published.
The signature to verify the authenticity of this request. This is the base64 hash (HmacSHA256) of the call-ref + payload + published-timestamp using your API key.
The id of the managed card on which the event occurred.
Bulk delivery is available for deliveryMethods REGISTERED_MAIL or COURIER. All cards marked as bulk and ordered within the fulfilment centre’s dispatch window will be sent in bulk. Delivery address must be identical for all orders. contactNumber in the deliveryAddress object is mandatory when bulk is selected. Maximum number of cards delivered in a single box/packet is REGISTERED_MAIL = 90, COURIER = 200.
The unique reference indicating the configuration of the physical card. Example the card design.
Indicates if the physical card is activated for physical usage such as with physical terminals.
Indicates if the physical card is blocked due to providing incorrect PINs.
Information on the manufacturing of the physical card, as follows:
- REQUESTED: The upgrade of the card to physical has been requested.
- SENT_FOR_FULFILLMENT - The card has been sent for printing.
- DISPATCHED: The card has been manufactured and dispatched. You may receive a second DISPATCHED event when the manufacturer provides a tracking code.
- DELIVERED: The card has been received and activated by the recipient.
Enum"REQUESTED""SENT_FOR_FULFILLMENT""DISPATCHED""DELIVERED"
The delivery address where the physical card is delivered.
The delivery methods supported for delivering printed physical cards. If not specified, the STANDARD_DELIVERY method will be used.
Enum"STANDARD_DELIVERY""REGISTERED_MAIL""COURIER""FIRST_CLASS_MAIL"
The delivery tracking code for tracking the physical card's delivery status. This may not always be available on the first dispatched event, and so you will receive an additional dispatched notification with the delivery tracking code populated as soon as it is available.
The delivery tracking method for tracking the physical card's delivery status.
The delivery tracking URL for tracking the physical card's delivery status.
Indicates if the physical card is replaced by another card.
physicalCardDetails.nameOnCardLine2string<= 27 charactersDeprecated^[a-zA-Z0-9ßÀÁÂÃÄÅǍÆÇÈÉÊËÌÍÎÏÒÓÔÕÖØŠÙÚÛÜŸÝĄĆČ...
Line 2 of the 'name on card' field. For Physical cards, this field will be printed on the card. The maximum characters allowed will depend on the design chosen and will be provided to you by Weavr when setting up your plastic cards. This field is deprecated
- Mock serverhttps://api.weavr.io/_mock/products/webhooks/openapi/managed_cards/physical_cards_upgrade/watch
- https://api.weavr.io/""/managed_cards/physical_cards_upgrade/watch
application/json
{ "id": { "id": "string", "type": "managed_cards" }, "physicalCardDetails": { "bulkDelivery": true, "productReference": "string", "carrierType": "string", "pendingActivation": true, "pinBlocked": true, "manufacturingState": "REQUESTED", "replacement": { … }, "deliveryAddress": { … }, "deliveryMethod": "STANDARD_DELIVERY", "deliveryTrackingCode": "string", "deliveryTrackingMethod": "string", "deliveryTrackingUrl": "string", "nameOnCardLine2": "string" }, "upgradedTimestamp": "string" }
Headers
Bodyapplication/jsonrequiredA call reference generated by the caller and unique to the caller to provide correlation between the caller and system with a maximum length of 255
The timestamp, expressed in Epoch timestamp using millisecond precision, when this event was published.
The signature to verify the authenticity of this request. This is the base64 hash (HmacSHA256) of the call-ref + payload + published-timestamp using your API key.
The type of replacement event that occurred.
Enum"VIRTUAL_REPLACEMENT""PHYSICAL_REPLACEMENT"
The id of the managed card on which the event occurred.
- Mock serverhttps://api.weavr.io/_mock/products/webhooks/openapi/managed_cards/replacement/watch
- https://api.weavr.io/""/managed_cards/replacement/watch
application/json
{ "eventType": "VIRTUAL_REPLACEMENT", "id": { "id": "string", "type": "managed_cards" }, "replacementId": { "id": "string", "type": "managed_cards" }, "replacementReason": "DAMAGED", "replacementTimestamp": "string", "userId": "string" }