Webhooks are event-based notifications that are received when a specific event related to the KYC verification occurs.
In rare cases, such as network retries, read timeouts, processing delays, or delivery failures, the same webhook might be sent more than once for the same event. To prevent unintended side effects, implement idempotency in your webhook handler to handle duplicate deliveries.

Add webhooks

Add your webhook URL in our system for us to deliver webhook events. Follow the instructions below to configure the webhook URL. Ensure to provide the publicly accessible HTTPS URL to your webhook endpoint.
  1. Log in to the Merchant Dashboard and click Developers.
  2. Click Webhooks listed under the Secure ID card.
  3. Click Add Webhook URL in the Webhook screen.
  4. In the Add Webhook popup, fill in the following information:
    • Webhook URL - Enter the URL in this field.
  5. Click Test & Add Webhook.

Add Webhook

Webhook events

EventDescription
KYC_LINK_ACTION_PERFORMEDYou will receive this event when one of the verifications is performed using the link.
KYC_LINK_SUCCESSYou will receive this event when all the verifications are performed successfully.
KYC_LINK_EXPIREDYou will receive this event when the link expires.
{
  "signature": "3YdAGMqBPDgWqy4zteRad/MoCmH59cm+93sogQWhOa8=",
  "event_type": "KYC_LINK_ACTION_PERFORMED",
  "event_time": "2024-02-15 16:53:15",
  "version": "v1",
  "data": {
  	"name": "Test",
"phone": "9999999999",
"email": "test@cashfree.com",
  	"verification_id": "testverificationid",
  	"reference_id": 235461,
  	"link_expiry": "2025-12-02",
  	"form_link": "https://forms.cashfree.com/",
  	"form_status": "RECEIVED",
"verification_details": [
    	{
      		      "reference_id": 234,
      "type": "OFFLINE_AADHAAR_VERIFICATION",
      "status": "SUCCESS"
    		},
    		{
    		      "reference_id": 0,
      "type": "PANDETAILS_VERIFICATION",
      "status": "RECEIVED"
},
    		{
      "reference_id": 0,
      "type": "BANKDETAILS_VALIDATION",
      "status": "RECEIVED"
    		},
    		{
      "reference_id": 0,
      "type": "UPIDETAILS_VALIDATION",
      "status": "RECEIVED"
    		}
  	]
     }
}

Webhook payload fields

The webhook payload contains important metadata in its top-level fields.
FieldTypeDescription
signaturestringA Base64-encoded HMAC-SHA256 signature of the payload, generated using a shared client secret.
event_typestringIndicates the type of event that triggered the webhook.
event_timestringThe UTC timestamp of when the event occurred, formatted in ISO 8601 (YYYY-MM-DDTHH:MM:SSZ).
versionstringIndicates the webhook format being used. Default version is “v1”.
dataobjectContains event-specific details related to this feature.
Verifying the signature is mandatory before processing any response. Refer to Signature Verification for more details.