OAuth2 Webhooks Guide

Guide to configuring OAuth2.0 authentication for Webhooks integration on SePay.

Overview of the process

  1. The customer creates a webhook integration on the SePay system
  2. Select the OAuth2.0 authentication method
  3. Provide the following information:
    • Client ID
    • Client Secret
    • Access token endpoint URL

When a new transaction occurs, the SePay system will:

  1. Call your access token endpoint
  2. Use the received access token to call the webhook URL to notify the transaction

Request information that SePay sends to the Access Token endpoint

POST
https://your-endpoint (Endpoint URL configured in Webhooks)
-H "Content-Type: application/json"

Parameters:

clientIdstringrequired
Client ID configured in Webhooks
clientSecretstringrequired
Client Secret configured in Webhooks

Code samples:

>
>
>
>
>
>
curl -X POST "https://your-endpoint" \
  -H "Content-Type: application/json" \
  -d '{
    "clientId": "your_client_id",
    "clientSecret": "your_client_secret"
  }'

Response:

RESPONSE
{
  "data": {
    "accessToken": "eyJhbGci...",
    "refreshToken": "eyJhbGci...",
    "expiredIn": 3600
  }
}
Important notes
  • The response MUST follow the JSON format shown above
  • All fields inside data are mandatory
  • accessToken will be used by SePay in the webhook request header as: Authorization: Bearer {accessToken}
  • expiredIn should be set to a reasonable value (recommended: 1 hour = 3600 seconds)
Previous page
Next page