PayJunction Specific Webhook HTTP Headers
These headers are valuable for integrations that manage multiple PayJunction Merchants (PJMIDs) and would like to use the same webhook URL for all webhook traffic and monitor all transactions regardless of where they originate. With this information you can verify that the webhook is secure and identify the PJMID and TID.
- Pj-Merchant: This UUID represents the PJMID and is the "id" returned from the GET /merchants endpoint.
- Pj-Account: This UUID represents the TID and is the "accountId" returned from the GET /terminals endpoint.
- X-Pj-Signature: HMAC hash based on your webhook secret token. See Securing Your Webhooks.
Example
POST / HTTP/1.1 Host: yourserver.com Connection: close Accept-Encoding: gzip,deflate Connection: close Content-Length: 166 Content-Type: application/json Pj-Account: 6598b7ea-7901-4c4f-95bc-ec66d010f68c Pj-Merchant: 2a161ecf-65df-4964-bc4e-f92743259896 User-Agent: PayJunction WebHook X-Pj-Signature: 7806fac8eae4ed1f197a8e00f4a34e118281e0a19b267ab18c13ec04368d4d61 { "id" : "3df99340-5f86-4a60-9976-b0a7ce3a77a3", "created" : "2023-06-30T21:51:08.131Z", "type" : "TRANSACTION", "data" : { "transactionId" : 313875 } }