Create a Webhook

curl https://production.methodfi.com/webhooks \
  -X POST \
  -H "Method-Version: 2025-07-04" \
  -H "Authorization: Bearer sk_WyZEWVfTcH7GqmPzUPk65Vjc" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "payment.update",
    "url": "https://reference.example.app/webhook",
    "auth_token": "md7UqcTSmvXCBzPORDwOkE",
    "hmac_secret": "bd7UscLSmvEXazTOQDwOKW",
    "expand_event": true
  }'

{
  "id": "whk_cSGjA6d9N8y8R",
  "type": "payment.update",
  "url": "https://reference.example.app/webhook",
  "metadata": null,
  "expand_event": false,
  "status": "active",
  "error": null,
  "created_at": "2020-12-09T00:41:05.647Z",
  "updated_at": "2020-12-09T00:41:05.647Z",
}

POST

webhooks

curl https://production.methodfi.com/webhooks \
  -X POST \
  -H "Method-Version: 2025-07-04" \
  -H "Authorization: Bearer sk_WyZEWVfTcH7GqmPzUPk65Vjc" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "payment.update",
    "url": "https://reference.example.app/webhook",
    "auth_token": "md7UqcTSmvXCBzPORDwOkE",
    "hmac_secret": "bd7UscLSmvEXazTOQDwOKW",
    "expand_event": true
  }'

{
  "id": "whk_cSGjA6d9N8y8R",
  "type": "payment.update",
  "url": "https://reference.example.app/webhook",
  "metadata": null,
  "expand_event": false,
  "status": "active",
  "error": null,
  "created_at": "2020-12-09T00:41:05.647Z",
  "updated_at": "2020-12-09T00:41:05.647Z",
}

Creating a new Webhook means registering a URL to receive updates for a specific event type. Once a resource is created or updated, your application will be notified via an HTTPS POST request with the event information.

Body

type

enum

required

The event type to be sent to this URL. See Webhook Event Types.

url

string

required

The URL receiving the Webhook event.

When testing your integration in a local environment, we recommend utilizing the following technologies for a seamless developer experience with Webhooks:

https://webhook.site – to debug the Webhook payload from Method.
https://ngrok.com – to create a reverse proxy to your local development environment.

auth_token

string

Secret token for request validation. Will be sent as a base64 encoded string in the Authorization header of the Webhook.

Authorization Header Verification – base64 enocded string in the Authorization header of the webhook.

hmac_secret

string

Secret token used for computing HMAC signature. Used to compute the HMAC signature in the method-webhook-signature header of the Webhook.

HMAC Verification – HMAC signature in the method-webhook-signature header of the webhook.

expand_event

boolean

Whether to expand the event object in the Webhook payload. (default: false)

Returns

Returns the newly created Webhook object.

curl https://production.methodfi.com/webhooks \
  -X POST \
  -H "Method-Version: 2025-07-04" \
  -H "Authorization: Bearer sk_WyZEWVfTcH7GqmPzUPk65Vjc" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "payment.update",
    "url": "https://reference.example.app/webhook",
    "auth_token": "md7UqcTSmvXCBzPORDwOkE",
    "hmac_secret": "bd7UscLSmvEXazTOQDwOKW",
    "expand_event": true
  }'

{
  "id": "whk_cSGjA6d9N8y8R",
  "type": "payment.update",
  "url": "https://reference.example.app/webhook",
  "metadata": null,
  "expand_event": false,
  "status": "active",
  "error": null,
  "created_at": "2020-12-09T00:41:05.647Z",
  "updated_at": "2020-12-09T00:41:05.647Z",
}

IP Whitelisting Retrieve a Webhook

API Reference

Entities

Accounts

Payments

Elements

Events

Supporting Endpoints

Body

Returns

API Reference

Entities

Accounts

Payments

Elements

Events

Supporting Endpoints

​Body

​Returns

Body

Returns