Skip to main content
The webhooks endpoints let you register and manage webhook endpoints that PIK uses to deliver real-time payment event notifications to your server.

Register a webhook

POST /webhooks
Registers a new webhook endpoint to receive event notifications. Request body
url
string
required
The publicly accessible HTTPS URL of your webhook endpoint. Example: "https://yourapp.com/webhooks/pik"
events
array
required
List of event types to subscribe to. Available values: payment.confirmed, payment.settled, payment.failed
Example request 
curl -X POST https://api.pik.global/v1/webhooks \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://yourapp.com/webhooks/pik",
    "events": ["payment.confirmed", "payment.settled"]
  }'
Response 201 Created 
{
  "id": "wh_ghi789",
  "url": "https://yourapp.com/webhooks/pik",
  "events": ["payment.confirmed", "payment.settled"],
  "secret": "whsec_abc123xyz",
  "status": "active",
  "created_at": "2024-01-15T09:00:00Z"
}
The secret field is only returned once at creation time. Store it securely — you need it to verify webhook signatures.
Response fields
id
string
Unique webhook endpoint ID. Prefix: wh_
url
string
The registered webhook URL.
events
array
The list of subscribed event types.
secret
string
HMAC-SHA256 signing secret. Only returned at creation. Use this to verify incoming webhook signatures.
status
string
Webhook status: active or disabled.
created_at
string
ISO 8601 timestamp of registration.

List webhooks

GET /webhooks
Returns all registered webhook endpoints for your account. Example request 
curl -X GET https://api.pik.global/v1/webhooks \
  -H "Authorization: Bearer YOUR_API_KEY"
Response 200 OK 
{
  "data": [
    {
      "id": "wh_ghi789",
      "url": "https://yourapp.com/webhooks/pik",
      "events": ["payment.confirmed", "payment.settled"],
      "status": "active",
      "created_at": "2024-01-15T09:00:00Z"
    }
  ],
  "total": 1
}

Webhook event payload

Every webhook request PIK sends to your endpoint includes a JSON body with the following structure: 
{
  "event": "payment.confirmed",
  "id": "evt_xyz789",
  "created_at": "2024-01-15T10:45:00Z",
  "data": {
    "transaction_id": "txn_def456",
    "payment_link_id": "pl_abc123xyz",
    "amount": "75.00",
    "currency": "USDT",
    "status": "confirmed",
    "confirmed_at": "2024-01-15T10:45:00Z"
  }
}
Payload fields
event
string
The event type: payment.confirmed, payment.settled, or payment.failed
id
string
Unique event ID. Prefix: evt_
created_at
string
ISO 8601 timestamp of when the event was generated.
data
object
Event-specific data. For payment events, contains transaction details.

Signature verification

Each webhook request includes a PIK-Signature header containing an HMAC-SHA256 signature. Verify this signature to confirm the request came from PIK. See Receive payment events with PIK Webhooks for code examples in Node.js and Python.