Webhooks & Events
Copperx uses webhooks to send real-time notifications to your server whenever important events occur in your account. This enables you to automate backend actions.
✅ What is a Webhook?
A webhook is a POST request sent from Copperx to your server’s endpoint whenever a specific event occurs. It carries a JSON payload describing the event and its associated data.
Why Use Webhooks? Instead of continuously calling the API to check for payment status updates, Copperx sends real-time events to your backend. This reduces overhead and ensures your app stays in sync.
Typical Flow:
User completes a payment (e.g., Checkout Session).
Copperx sends a webhook event (
checkout_session.completed
) to your endpoint.Your backend verifies the webhook and updates the user’s plan or access.
🔐 Webhook Security & Signature Verification
For security, Copperx signs every webhook payload using an HMAC-SHA256 signature.
Headers in the Webhook Request:
HeaderDescriptionx-webhook-signature
HMAC-SHA256 signature of the raw payload
x-webhook-token
Your webhook secret key (from dashboard)
How to Verify the Signature:
Retrieve the
x-webhook-signature
header from the request.Compute your own HMAC-SHA256 hash of the raw request body using your webhook secret key.
Compare your hash with the
x-webhook-signature
. If they match, the webhook is valid.
You can find your webhook secret key in the Copperx dashboard settings.
🔗 Common Webhook Events
Below are the most commonly used events in Copperx’s payment flows:
checkout_session.completed
User successfully completed the checkout.
checkout_session.expired
Checkout session expired before payment completion.
checkout_session.canceled
User canceled the checkout session.
invoice.paid
An invoice was paid successfully.
invoice.finalized
An invoice was finalized (ready to be paid).
invoice.payment_failed
Payment for an invoice failed.
customer.subscription.created
A new subscription was created.
customer.subscription.started
Subscription started.
customer.subscription.deleted
Subscription was canceled/deleted.
customer.subscription.past_due
Subscription payment is past due.
customer.subscription.unpaid
Subscription payment is unpaid.
payment_intent.succeeded
PaymentIntent was successfully completed.
payment_intent.failed
PaymentIntent failed.
📨 Example Webhook Payload: Checkout Session Completed
When a checkout session is completed, here’s an example of the JSON payload you will receive:
💡 How to Use This Event
When you receive this event:
✅ Verify the signature (for security).
✅ Check the paymentStatus (paid
).
✅ Activate the user’s plan, send a confirmation email, or update their account.
⚙️ Best Practices for Webhooks
✅ Always verify the signature to avoid spoofed requests. ✅ Respond quickly to webhook POST requests with a 200 OK to acknowledge receipt. ✅ Retry handling: Copperx will automatically retry delivery if your server responds with a non-2xx status, following this schedule:
1st retry after 1 second
2nd retry after 2 seconds
3rd retry after 4 seconds
✅ Log webhook events for debugging and auditing. ✅ Use HTTPS for secure communication.
Last updated