Transaction Update

POST 
/webhooks/kraken/transaction-update

This endpoint can be implemented by the partner to receive real-time transaction status updates from Kraken.

When a Ramp transaction is created or changes state, Kraken sends a POST request to the partner's configured webhook URL with transaction details and status information.

Security

All webhook requests include an X-Signature header containing an HMAC-SHA256 signature of the request body. Partners should verify this signature to ensure integrity of the request.

Contact your Kraken integration point of contact to securely exchange the HMAC secret key for signature verification.

Signature Verification

1. Extract the X-Signature header value
2. Compute HMAC-SHA256 of the raw request body using your webhook secret
3. Compare the computed signature with the X-Signature header value (hex-encoded)

import crypto from 'crypto';

// This function will return true/false if the signature matches
const verifySignature = (signature: string, secret: string, body: string) => {
  const hash = crypto.createHmac('sha256', secret).update(body).digest('hex');
  return (signature === hash);
};

Retry Behavior

Kraken will automatically retry failed webhook deliveries using exponential backoff. Partners should respond with HTTP 2xx status to acknowledge receipt. Non-2xx responses will trigger retries.

Status Types

The status field provides a simplified transaction state:

• new - Transaction has been initiated
• paid - Payment has been received
• pending - Transaction is being processed
• completed - Transaction successfully completed
• failed - Transaction failed
• canceled - Transaction was canceled

Request

Responses

200

Webhook received and processed successfully. Return any 2xx status code to acknowledge receipt.

500

Internal server error on partner side. Kraken will retry delivery.