Webhook FAQ

Webhooks let IDWise notify your backend in real time when verification events occur — such as a journey completing, a step being submitted, or an AML match being updated. Without webhooks, you would need to poll the API repeatedly to check for status changes, which is inefficient and adds unnecessary load.

All webhook payloads are delivered as JSON via HTTP POST requests to your configured endpoint.

Yes. Webhooks are sent asynchronously as soon as the triggering event completes — for example, immediately after a journey finishes processing or a step is submitted.

No. Webhook payloads are designed to exclude personally identifiable information. They contain only event metadata such as journeyId, referenceNo, and systemDecision. To retrieve full journey details including PII, call the Get Journey Result API using the journeyId from the webhook.

Yes. You can configure a separate webhook URL for each event type, or point multiple event types to the same endpoint and route them based on the event field in the payload.

IDWise retries delivery at intervals of 5, 10, and 15 minutes. If all retry attempts fail, an email notification is sent to the error reporting email addresses you configured, providing details of all undelivered webhooks.

Yes. If your endpoint doesn't return HTTP 200 in time, IDWise retries with the same eventId. Always use the eventId to deduplicate — if you've already processed an event with that ID, skip it.

Return HTTP 200 immediately upon receiving the webhook. Process the payload asynchronously to avoid timeouts. Any non-200 response triggers a retry.

IDWise supports three authentication methods when delivering webhooks:

• Basic Authentication — Username and password sent in the request headers.
• Bearer Token — A token included in the Authorization header.
• Custom HTTP Headers — Add any custom key-value headers (e.g., API keys).

You can configure authentication during webhook setup.

Yes. You can whitelist specific IP addresses so your endpoint only accepts requests from IDWise. Contact the IDWise team to get the list of IP addresses to whitelist.

Navigate to Developer's Area → Webhooks tab in the IDWise portal. From there you can create, edit, and test webhook subscriptions. See Configure Webhook URLs for a step-by-step guide.

Yes. The webhook setup wizard includes a Testing step where you can send a test request to your endpoint before saving. You can also use webhook.site to generate a temporary URL for inspecting payloads during development.

Yes. When creating a webhook, you select the Environment (Live or Sandbox). This lets you configure separate URLs for production and testing environments.

Yes. Webhook payloads may be extended with new fields over time. Ensure your handler ignores unknown fields and only parses the fields you need, so new additions don't break your integration.