Guide · Developers

How crypto payment webhooks work

How ecommerce stores should use signed webhooks to update order status after crypto payments.

Start accepting crypto All guides

Crypto checkout is not a single synchronous card authorization. A customer signs a wallet transaction, the payment is detected, routes may complete, and the final state is delivered back to the merchant backend.

Use webhooks for order truth

Your backend should not rely only on the customer's browser redirect. Redirects are useful for customer experience, but signed webhooks are the reliable way to update order state.

Apa webhook events include payment status changes so your backend can fulfil only after the payment reaches a successful terminal state.

Verify signatures

A webhook endpoint should verify the signature header with the endpoint signing secret before trusting the body. This prevents random requests from changing order state.

Handle retries

Webhook delivery can fail if your server is down or slow. Design idempotent handlers: store event ids, ignore duplicates and make order updates safe to retry.

Questions

FAQ

Should my store trust the success redirect?

No. Use the redirect for customer UX and the signed webhook for backend order state.

What payment status should fulfil an order?

A terminal success state such as paid. Pending and routing are not final.

Build with the API

Turn the guide into a live checkout

Create your first payment link or API checkout in minutes. Direct payments are free, routed conversions are flat, and Apa never holds your funds.

Start for free Read the docs