Skip to main content
When integrating webhooks for the first time, the fastest way to confirm the Qonto side works is to point your subscription at a disposable public URL and watch the request come in — before involving your own server. webhook.site generates a unique URL on the fly and displays every incoming request live (method, headers, body). That removes your own endpoint from the equation: if the request shows up there, your subscription is correctly registered and Qonto is delivering events. You can then swap the callback_url to your real endpoint and continue the integration.
webhook.site URLs are publicly accessible. Use a Sandbox subscription only — never point Production events at a disposable URL.
1

Generate a webhook.site URL

Open https://webhook.site. A unique URL is generated at the top of the page. Copy it.
2

Create a Sandbox subscription pointing to it

Call POST /v2/webhook_subscriptions with that URL as callback_url, using the Sandbox base URL and the X-Qonto-Staging-Token header.
curl -X POST https://thirdparty-sandbox.staging.qonto.co/v2/webhook_subscriptions \
  -H "Authorization: Bearer <your_token>" \
  -H "X-Qonto-Staging-Token: <your_staging_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "subscription": {
      "event_type": "transaction.updated",
      "callback_url": "https://webhook.site/<your-unique-id>"
    }
  }'
3

Trigger an event

In the Sandbox, update an existing transaction to emit a transaction.updated event. Reliable triggers:
  • Add an attachment to a transaction
  • Update the transaction note
Not every change on a transaction emits a webhook. Attachment uploads and note updates are the most reliable way to generate one on demand.
4

Inspect the request on webhook.site

Within a few seconds, the request should appear in the webhook.site UI. You can inspect:
  • Method: POST
  • Headers, including X-Qonto-Signature
  • The JSON payload
5

Switch to your own endpoint

Seeing the request on webhook.site confirms the subscription is live. Update the callback_url to your real endpoint via PATCH /v2/webhook_subscriptions/:id, then implement signature verification and payload processing on your side — see Setup.
If the request never shows up on webhook.site, head to Troubleshooting.