Skip to main content

Notification Handle

Best Practice to Handle Notification :

  1. Use an HTTPS endpoint at all times. Since we verify the certificates match the hosts, it is safe and cannot be the target of Man-in-the-Middle (MITM) attacks. Self-signed certificates should not be used.
  2. Notification should always be implemented idempotently. We might occasionally send out two or more notifications for the same transaction occurrence. Using Order ID as the key to track the entries is a straightforward method of ensuring that there are no duplicate entries on the merchant end.
  3. Although we work hard to deliver notifications as soon as a transaction is completed, in the very unusual event that you experience delays, please utilize the Check Status API to find out the transaction's current status. To view the most recent transaction status, you may also utilize the Check Status API for any usecase.
  4. We have 30 seconds set as the HTTP timeout. It is generally advised to keep the response time of your HTTP notifications to less than 5 seconds.
  5. The body of the notice is sent as JSON; use a JSON parser to interpret the JSON. It is advisable to parse the notification body in a non-strict format, as new fields are likely to be added. This will ensure that the parser does not throw an exception when it encounters new fields. It ought should politely overlook the newly added fields. This keeps our older clients intact while expanding our notification system for more recent use cases.
  6. Whenever possible, reply to notifications with the appropriate HTTP Status code. Retries for error scenarios are handled differently depending on the status code:
    • for 2xx: No need for tries, it's deemed successful
    • for 5xx : We will retry 5 times with interval 1 minute, 5 minutes, 15 minutes, 30 minutes, and 1 hour