Skip to main content

Consume webhooks

Start with a durable HTTPS endpoint that verifies signatures, stores the received CloudEvent identity, and processes each event idempotently. Register webhook endpoints in the COPE dashboard.
  1. Create an HTTPS endpoint on your service, for example https://checkout.example.com/cope/webhooks.
  2. Verify the webhook signature against the endpoint secret.
  3. Persist the CloudEvents source + id tuple before applying business effects.
  4. Process the event based on type and validate data against the linked schema.
  5. Return 2xx only after durable acceptance.
The public event set covers cart, checkout, order, payment, refund, dispute, chargeback, and payout milestones. Some lifecycle events are visible before their payload schema is published; treat those as not ready for payload-dependent integrations.