v1/sepa-direct-debit-mandates

{
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "subscription_id": "123e4567-e89b-12d3-a456-426614174000",
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "membership_id": "123e4567-e89b-12d3-a456-426614174000",
    "type": "v1/sepa-direct-debit-mandates",
    "created_at": "2025-01-24T10:55:00Z",
    "data": {
        "event": "accepted",
        "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
        "unique_mandate_reference": "UMR-...",
        "status": "signed",
        "mandate_signature_date": "2025-01-24T10:55:00Z"
    }
}

WEBHOOK

sepa-direct-debit-mandates

{
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "subscription_id": "123e4567-e89b-12d3-a456-426614174000",
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "membership_id": "123e4567-e89b-12d3-a456-426614174000",
    "type": "v1/sepa-direct-debit-mandates",
    "created_at": "2025-01-24T10:55:00Z",
    "data": {
        "event": "accepted",
        "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
        "unique_mandate_reference": "UMR-...",
        "status": "signed",
        "mandate_signature_date": "2025-01-24T10:55:00Z"
    }
}

This topic delivers events related to SEPA Direct Debit mandates. Event: accepted — The mandate has been signed by the debtor. The data.id field is the mandate ID.

{
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "subscription_id": "123e4567-e89b-12d3-a456-426614174000",
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "membership_id": "123e4567-e89b-12d3-a456-426614174000",
    "type": "v1/sepa-direct-debit-mandates",
    "created_at": "2025-01-24T10:55:00Z",
    "data": {
        "event": "accepted",
        "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
        "unique_mandate_reference": "UMR-...",
        "status": "signed",
        "mandate_signature_date": "2025-01-24T10:55:00Z"
    }
}

Authorizations

X-Qonto-Signature

string

header

required

The signature header follows the format t={timestamp},v1={signature}.

Verification steps:

Extract the timestamp and signature from the signature header
Reject the request if the timestamp is older than 5 minutes
Recreate the signed payload: '{timestamp}.{raw_request_body}'
Compute HMAC-SHA256 of the signed payload using your webhook secret as the key
Compare the computed signature with the one in the header

Body

application/json

Webhook payload for topic v1/sepa-direct-debit-mandates.

string<uuid>

required

subscription_id

string<uuid>

required

organization_id

string<uuid>

required

membership_id

string<uuid>

required

type

enum<string>

required

Available options:

v1/sepa-direct-debit-mandates

created_at

string<date-time>

required

data

object

required

Show child attributes

Response

200

Webhook received successfully

v1/client-invoices v1/sepa-direct-debit-collections

⌘I

Business API

Onboarding API

v1/sepa-direct-debit-mandates

Authorizations

Body

Response