Notifications will be sent when the status of a verification changes.
The notifications will be delivered to the notification_url sent in the verification creation request.
Until dLocal receives a 200 status code confirmation on these notifications, it will retry once an hour for 7 days.
Signature notifications
An HMAC signature is calculated using a request's key-value pairs and a secret key, which is known only to you and dLocal. By verifying this signature, you'll confirm that the notification was not modified during transmission.
dLocal will be signing each POST notification using the same method described on the Security section (HMAC-SHA256 hash function).
Simply take the Signature HTTP header from the notification, and compare it with the one generated by you using your x-login and secretKey, and the X-date and request body of the notification received. If the signature generated by you matches the one received in the Signature HTTP header, then it is safe to assume that this is a valid message from dLocal.
Merchants will receive notifications on a webhook regarding verification status updates. The webhook endpoint will have to comply with the following signature:
- HTTP method: POST
- Payload: A JSON object containing the following fields
Notification fields
| Body Field | Type | Description |
|---|---|---|
id | String | Notifications ID in UUID format. |
notification_date | Date | Notification date timestamp (YYYY-MM-DD hh:mm:ss.zzz). |
event_type | String | Notification type. See details. |
verification_id | String | dLocal verification ID. |
external_reference | String | ID given by the merchant in their system. |
expiration_date | Date | Verification expiration date timestamp (YYYY-MM-DD hh:mm:ss.zzz). |
Event types
Type of notification events:
| Type | Description |
|---|---|
VERIFICATION_PENDING | Verification is pending action. |
VERIFICATION_APPROVED | Verification is approved. |
VERIFICATION_REJECTED | Verification is rejected. |
VERIFICATION_EXPIRED | Verification has expired. |
VERIFICATION_ERROR | Error occurred during verification. |
Example notifications
{
"id": "KN-c5ef8bd4-0846-47a2-9301-c1ed539731e1",
"notification_date": "YYYY-MM-DD hh:mm:ss.zzz",
"event_type": "VERIFICATION_APPROVED",
"verification_id": "KV-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"external_reference": "KYC-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"expiration_date": "YYYY-MM-DD hh:mm:ss.zzz"
}
{
"id": "KN-c5ef8bd4-0846-47a2-9301-c1ed539731e1",
"notification_date": "YYYY-MM-DD hh:mm:ss.zzz",
"event_type": "VERIFICATION_REJECTED",
"verification_id": "KV-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"external_reference": "KYC-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"expiration_date": "YYYY-MM-DD hh:mm:ss.zzz"
}
{
"id": "KN-c5ef8bd4-0846-47a2-9301-c1ed539731e1",
"notification_date": "YYYY-MM-DD hh:mm:ss.zzz",
"event_type": "VERIFICATION_PENDING",
"verification_id": "KV-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"external_reference": "KYC-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"expiration_date": "YYYY-MM-DD hh:mm:ss.zzz"
}
{
"id": "KN-c5ef8bd4-0846-47a2-9301-c1ed539731e1",
"notification_date": "YYYY-MM-DD hh:mm:ss.zzz",
"event_type": "VERIFICATION_EXPIRED",
"verification_id": "KV-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"external_reference": "KYC-56fe683c-d0de-4ce4-af97-50faa6cea3a6",
"expiration_date": "YYYY-MM-DD hh:mm:ss.zzz"
}
HTTP Status response
200: If the event could be processed successfully500: Something went wrong while notifying the merchant