An event is an occurrence of something that could be of interest to the biller or client within Faster Payouts. When this happens, Faster Payouts sends an Event object to the client using a Webhook. Clients can subscribe to the events of their choice. The Webhook invocation involves authenticating to the client system and making a POST request with the Event object to the URL specified by the client. An event posting is considered to be successful if it gets an HTTP Response code of 200. In case Faster Payouts does not receive a successful response for an event posting, the event will be re-posted every hour for a maximum of 3 days. In case of re-posting of an event, the event id will be the same as in the original posting.

Faster Payouts Event posting supports different authentication schemes.

In this authentication scheme, Faster Payouts would send API Keys, in the form of HTTP headers, as part of the webhook. These API Keys must be configured in Faster Payouts by the client. A client can specify upto a maximum of 5 API keys to be sent in a webhook. The client can check for the authenticity of the webhook by comparing the API keys and values received in the webhook with the ones configured in Faster Payouts.

  Example :

  test_header1:value1
  test_header2:value2
  test_header3:value3
  test_header4:value4
  test_header5:value5

With Basic Authentication, Faster Payouts sends a Base64-encoded string that contains the user name and password for the client in the Authorization header of the HTTP request. The client must configure the username and password for the basic authentication in Faster Payouts. The client can check for the authenticity of the webhook by verifying the username and password received in the webhook with the ones configured in Faster Payouts. Please note that Base64 is not a form of encryption and is similar to sending the user name and password in clear text.

  Example :

  Below  dXNlcm5hbWU6cGFzc3dvcmQ=   refers to Base64 encoded string of the provided username and password ( username:password )
  (  : ( colon ) is appended in-between username and password before it is being encoded)
  Authorization:Basic dXNlcm5hbWU6cGFzc3dvcmQ=

Faster Payouts supports Open Authorization Protocol 2.0 with Auth scheme as “Bearer”. The client/biller needs to run an authorization server at its end. The client needs to configure the client id, the client secret, the token endpoint (URL) and the Auth scope in Faster Payouts. The Grant Type to be used is "client_credentials". Faster Payouts sends the token read from the token endpoint in the Authorization header of the webhook.

  Example :

  Below 4484e52dc4744374aced826a4543cd28948816ff   refers to the access token issued by Autherization server.
  Authorization:Bearer 4484e52dc4744374aced826a4543cd28948816ff

Every API call should include the following request headers to define the context in which the API is invoked.