Configure account webhook
POST https://api.avista.global/api/webhooks
Requires a Bearer token in the Authorization header. See Generate Token to obtain one.
Configures or updates the webhook URL for a specific event type. If a webhook already exists for the same event type, it will be updated (upsert behavior).
Requires a Bearer token in the Authorization header.
Event Description cash_inPIX received cash_outPIX sent refund_inRefund of received payment (refund requested) refund_outRefund received med_createdMED (Special Refund Mechanism) opened against a transaction med_acceptedMED refund request approved med_rejectedMED refund request rejected
Field Type Required Description urlstring Yes HTTPS URL of the endpoint that will receive the webhooks eventTypestring Yes Event type: cash_in, cash_out, refund_in, refund_out, med_created, med_accepted, med_rejected headersarray No Custom headers for authentication (maximum 5). Blocked headers: host, content-length, connection, transfer-encoding, content-type, user-agent headers[].keystring Yes Header name headers[].valuestring Yes Header value
{ "url" : "https://api.example.com/webhooks/pix" , "eventType" : "cash_in" , "headers" : [ { "key" : "Authorization" , "value" : "Bearer token123" }, { "key" : "X-Webhook-Secret" , "value" : "abc123" } ] } curl -X POST "https://api.avista.global/api/webhooks" \ -H "Authorization: Bearer $AVISTA_TOKEN " \ -H "Content-Type: application/json" \ -d '{ "url": "https://api.example.com/webhooks/pix", "eventType": "cash_in", "headers": [ { "key": "Authorization", "value": "Bearer token123" }, { "key": "X-Webhook-Secret", "value": "abc123" } ] }' JavaScript Python PHP Java
const axios = require ( 'axios' ); const response = await axios. post ( 'https://api.avista.global/api/webhooks' , { "url" : "https://api.example.com/webhooks/pix" , "eventType" : "cash_in" , "headers" : [ { "key" : "Authorization" , "value" : "Bearer token123" }, { "key" : "X-Webhook-Secret" , "value" : "abc123" } ] }, { headers: { 'Authorization' : `Bearer ${ process . env . AVISTA_TOKEN }` , 'Content-Type' : 'application/json' , }, } ); console. log (response.data); import os, requests response = requests.post( 'https://api.avista.global/api/webhooks' , headers = { 'Authorization' : f 'Bearer { os.environ[ "AVISTA_TOKEN" ] } ' , 'Content-Type' : 'application/json' , }, json = { "url" : "https://api.example.com/webhooks/pix" , "eventType" : "cash_in" , "headers" : [ { "key" : "Authorization" , "value" : "Bearer token123" }, { "key" : "X-Webhook-Secret" , "value" : "abc123" } ] }, ) print (response.json()) $ch = curl_init ( 'https://api.avista.global/api/webhooks' ); curl_setopt_array ($ch, [ CURLOPT_RETURNTRANSFER => true , CURLOPT_POST => true , CURLOPT_HTTPHEADER => [ 'Authorization: Bearer ' . getenv ( 'AVISTA_TOKEN' ), 'Content-Type: application/json' , ], CURLOPT_POSTFIELDS => '{ "url": "https://api.example.com/webhooks/pix", "eventType": "cash_in", "headers": [ { "key": "Authorization", "value": "Bearer token123" }, { "key": "X-Webhook-Secret", "value": "abc123" } ] }' , ]); $response = curl_exec ($ch); curl_close ($ch); echo $response; String body = """ { "url": "https://api.example.com/webhooks/pix", "eventType": "cash_in", "headers": [ { "key": "Authorization", "value": "Bearer token123" }, { "key": "X-Webhook-Secret", "value": "abc123" } ] } """ ; HttpRequest request = HttpRequest. newBuilder () . uri (URI. create ( "https://api.avista.global/api/webhooks" )) . header ( "Authorization" , "Bearer " + System. getenv ( "AVISTA_TOKEN" )) . header ( "Content-Type" , "application/json" ) . POST (HttpRequest.BodyPublishers. ofString (body)) . build (); HttpResponse< String > response = HttpClient. newHttpClient () . send (request, HttpResponse.BodyHandlers. ofString ()); System.out. println (response. body ()); Field Type Description successboolean Indicates whether the operation was successful messagestring Descriptive message of the result
{ "success" : true , "message" : "Webhook configurado com sucesso" } Status Description 400 Invalid data (URL is not HTTPS, invalid event type, etc.) 401 Missing or invalid token 404 Account not found 500 Internal error configuring webhook
