跳到主要内容

Debicheck Result Notify

POST 
/:debicheck_notify_url

When Debicheck authentication is successful, failed, or canceled, PayCloud will send the relevant information to the merchant. In such cases, the merchant's backend needs to receive the result and respond to PayCloud.

  1. When interacting with this API, if the gateway payment system does not receive a reply and the merchant side indicates success or timeout, the gateway payment system will consider it an unaccepted notification and will make further notifications of payment results regularly. We will notify 15 times within 12 hours to ensure the success of the notification. However, the gateway payment system cannot ensure successful receipt of each payment notification. (Notification frequency: 5s/10s/15s/30s/60s/3m/10m/15m/30m/30m/60m/60m/3h/3h)
  2. As the PayCloud system may send verification result notifications multiple times to the merchant's backend, a single verification result may be notified multiple times. Therefore, the merchant system must be able to handle duplicate notifications properly.
  3. Best practices for handling such cases: when a notification is received and processed, first check the payment data in the notification to confirm whether the payment result has been previously processed. If so, return the processed result; if not, process the result first before returning it. Before checking payment data, use a transaction lock for concurrency control to prevent data corruption caused by transaction race conditions.
  4. To avoid receiving false notifications, merchants must verify the signature of the notification and check if the data in the notification matches the merchant’s system.
  5. In the future, notification parameters will be increased according to business needs. Ensure the scalability of the signature verification program. Do not hard-code the list of parameters involved in signature verification. Parameters should be dynamically passed based on the received notification message.

Note: When the Webhook notification is successfully received and processed, the server should return a fixed plain text string "success" in the HTTP response body, instead of a JSON-formatted message. The response example is as follows:

HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 7

success

Request

Responses

success

Response Headers