Offer all the payment features your
customers want with a fast integration
that limits your PCI scope.



  • Production Server

    For processing live transactions

  • Test Server

    For development

Most Commonly Referred to Articles

Securing Your Webhooks

WEBHOOK SUBSCRIPTIONS ARE LIMITED TO 5 PER PJMID. But a single Webhook can simultaneous track multiple requestI IDs.

For more information on PayJunction account structures, see the PayJunction Account Structures guide.

Why should you validate the webhook payload?

For security reasons, it is a good idea to ensure that the data is coming from PayJunction and has not been modified. Setting and using a secret token and validating the webhook payload data will give you confidence in the integrity of your webhook data.

Setting your secret token

You can create a secret token for a webhook in two ways:

  • Create a new webhook using the webhooks POST api and pass in the "secret" parameter.
  • Updating an existing webhook using the webhooks PUT api and pass in the "secret" parameter.

Note: Be sure to use a random string with a high amount of entropy.

Note: Make sure to never store this secret in an insecure location (This includes within the app source code) as anyone with this secret can effectively send fake data posing as PayJunction.