v1/sepa-direct-debit-mandates

{ "id": "123e4567-e89b-12d3-a456-426614174000", "subscription_id": "123e4567-e89b-12d3-a456-426614174000", "organization_id": "123e4567-e89b-12d3-a456-426614174000", "membership_id": "123e4567-e89b-12d3-a456-426614174000", "type": "v1/sepa-direct-debit-mandates", "created_at": "2025-01-24T10:55:00Z", "data": { "event": "accepted", "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "unique_mandate_reference": "UMR-...", "status": "signed", "mandate_signature_date": "2025-01-24T10:55:00Z" } }

Authorizations

X-Qonto-Signature

string

header

required

The signature header follows the format t={timestamp},v1={signature}.

Verification steps:

Extract the timestamp and signature from the signature header
Reject the request if the timestamp is older than 5 minutes
Recreate the signed payload: '{timestamp}.{raw_request_body}'
Compute HMAC-SHA256 of the signed payload using your webhook secret as the key
Compare the computed signature with the one in the header

Body

application/json

Webhook payload for topic v1/sepa-direct-debit-mandates.

string<uuid>

required

subscription_id

string<uuid>

required

organization_id

string<uuid>

required

membership_id

string<uuid>

required

type

enum<string>

required

Available options:

v1/sepa-direct-debit-mandates

created_at

string<date-time>

required

data

object

required

Show child attributes

Response

200

Webhook received successfully