Skip to main content
WEBHOOK

Headers

Moonpay-Signature
string
required

Legacy signature: t=<unix timestamp>,s=<signature> where the signature is an HMAC-SHA256 of <timestamp>.<request body> keyed with the endpoint's signing secret. Prefer Moonpay-Signature-V2.

Moonpay-Signature-V2
string
required

Signature to verify the event was sent by MoonPay: t=<unix timestamp>,s=<signature> where the signature is an HMAC-SHA256 of <timestamp>.<request body> keyed with your account's webhook API key. See Request signing.

Body

application/json
type
enum<string>
required

The event type.

Available options:
transaction_failed
data
object
required

The Buy transaction object as delivered in webhook events. Matches the Get Buy transaction response, plus webhook-only fields such as stages, cardType and nftToken.

externalCustomerId
string | null

An identifier associated with the customer, provided by you. Also present inside data.

Response

200

Return any 2xx status code within 5 seconds to acknowledge receipt. Non-2xx responses, timeouts and connection errors are retried with exponential backoff.