Adyen · Arazzo Workflow

Adyen Management Create Webhook, Generate HMAC and Test

Version 1.0.0

Register a merchant webhook, generate its HMAC key, then send a test event.

1 workflow 1 source API 1 provider
View Spec View on GitHub PaymentsFinancial ServicesFintechArazzoWorkflows

Provider

adyen

Workflows

create-webhook-hmac-and-test
Create a merchant webhook, generate its HMAC key, and send a test event.
Creates a webhook for a merchant account, generates the HMAC signing key for it, sends a test notification to the configured url, and reads the webhook back to confirm its final configuration.
4 steps inputs: communicationFormat, merchantId, type, url outputs: hmacKey, url, webhookId
1
createWebhook
post-merchants-merchantId-webhooks
Create the webhook subscription for the merchant account with the supplied url, communication format, and type.
2
generateHmac
post-merchants-merchantId-webhooks-webhookId-generateHmac
Generate the HMAC key for the new webhook so incoming notifications can be signature-verified.
3
testWebhook
post-merchants-merchantId-webhooks-webhookId-test
Send a test notification to the configured url to confirm the endpoint receives and accepts webhook events.
4
getWebhook
get-merchants-merchantId-webhooks-webhookId
Read the webhook back by its id to confirm the final configuration after setup is complete.

Source API Descriptions

openapi
managementApi https://raw.githubusercontent.com/api-evangelist/adyen/refs/heads/main/openapi/management-openapi-original.yml

Arazzo Workflow Specification

adyen-management-webhook-create-hmac-and-test-workflow.yml Raw ↑ 
arazzo: 1.0.1
info:
  title: Adyen Management Create Webhook, Generate HMAC and Test
  summary: Register a merchant webhook, generate its HMAC key, then send a test event.
  description: >-
    Setting up a webhook for a merchant account is a multi-step task: you create
    the webhook subscription, generate the HMAC key used to verify incoming
    notifications, send a test event to confirm the endpoint receives it, and
    read the webhook back to confirm its configuration. This workflow chains
    those calls in the Management API. Every step spells out its request inline
    so the flow can be read and executed without opening the underlying OpenAPI
    description.
  version: 1.0.0
sourceDescriptions:
- name: managementApi
  url: ../openapi/management-openapi-original.yml
  type: openapi
workflows:
- workflowId: create-webhook-hmac-and-test
  summary: Create a merchant webhook, generate its HMAC key, and send a test event.
  description: >-
    Creates a webhook for a merchant account, generates the HMAC signing key for
    it, sends a test notification to the configured url, and reads the webhook
    back to confirm its final configuration.
  inputs:
    type: object
    required:
    - merchantId
    - url
    - communicationFormat
    - type
    properties:
      merchantId:
        type: string
        description: The unique identifier of the merchant account.
      url:
        type: string
        description: The public URL that will receive the webhook notifications.
      communicationFormat:
        type: string
        description: The message format for notifications (soap, http, or json).
      type:
        type: string
        description: The type of webhook (e.g. standard).
  steps:
  - stepId: createWebhook
    description: >-
      Create the webhook subscription for the merchant account with the supplied
      url, communication format, and type.
    operationId: post-merchants-merchantId-webhooks
    parameters:
    - name: merchantId
      in: path
      value: $inputs.merchantId
    requestBody:
      contentType: application/json
      payload:
        url: $inputs.url
        active: true
        communicationFormat: $inputs.communicationFormat
        type: $inputs.type
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      webhookId: $response.body#/id
  - stepId: generateHmac
    description: >-
      Generate the HMAC key for the new webhook so incoming notifications can be
      signature-verified.
    operationId: post-merchants-merchantId-webhooks-webhookId-generateHmac
    parameters:
    - name: merchantId
      in: path
      value: $inputs.merchantId
    - name: webhookId
      in: path
      value: $steps.createWebhook.outputs.webhookId
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      hmacKey: $response.body#/hmacKey
  - stepId: testWebhook
    description: >-
      Send a test notification to the configured url to confirm the endpoint
      receives and accepts webhook events.
    operationId: post-merchants-merchantId-webhooks-webhookId-test
    parameters:
    - name: merchantId
      in: path
      value: $inputs.merchantId
    - name: webhookId
      in: path
      value: $steps.createWebhook.outputs.webhookId
    requestBody:
      contentType: application/json
      payload:
        types:
        - AUTHORISATION
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      testData: $response.body#/data
  - stepId: getWebhook
    description: >-
      Read the webhook back by its id to confirm the final configuration after
      setup is complete.
    operationId: get-merchants-merchantId-webhooks-webhookId
    parameters:
    - name: merchantId
      in: path
      value: $inputs.merchantId
    - name: webhookId
      in: path
      value: $steps.createWebhook.outputs.webhookId
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      active: $response.body#/active
      url: $response.body#/url
  outputs:
    webhookId: $steps.createWebhook.outputs.webhookId
    hmacKey: $steps.generateHmac.outputs.hmacKey
    url: $steps.getWebhook.outputs.url