# Register URL
To register your URL, send the endpoint details to our Integrations team. The Integrations team will complete the registration on your behalf and confirm once your endpoint is successfully configured.
{% hint style="warning" %}
Ensure that your endpoint supports HTTPS and can handle requests sent from the Integration team.
{% endhint %}
### **Secure endpoint**
To secure the endpoint:
* Use HTTPS endpoint.
* Restrict IP addresses if applicable.
### **Verify your signature**
Each webhook request includes a secure signature header to confirm its authenticity. Verifying this signature helps ensure the payload was sent by Xplor Pay.
{% hint style="info" %}
Signature verification is applicable for Transaction Webhooks only. Other webhooks do not include signature validation.
{% endhint %}
### **Webhook notifications**
Once your endpoint is registered and webhooks are configured, you will begin receiving event notifications relevant to your merchant account.
The code sample of webhook notification as below:
{% code lineNumbers="true" %}
```json
{
"event": "Manual Review",
"merchantId": "6588949900000011",
"payload": null
}
```
{% endcode %}
{% hint style="warning" %}
The `payload` value varies by event type. Some events return `null`, while others include additional JSON data relevant to the event.
{% endhint %}
### **Retry logic**
If your endpoint does not acknowledge receipt of a webhook (i.e., returns a `non-2xx` status), the system will automatically retry the callback. A `2xx` status code (e.g., `200 OK`) indicates successful receipt of the webhook, and no retry will be attempted.
`Non-2xx` status codes (e.g., `400 Bad Request`, `500 Internal Server Error`) indicate failure. The system will retry the request based on the retry policy.
* **Total Attempts:** Up to 3 delivery attempts
* **Retry Strategy:** Exponential backoff is applied between each attempt
This ensures reliable delivery of webhook events, even if your endpoint is temporarily unavailable.
{% hint style="warning" %}
Ensure your server responds with a `2xx` status code upon successful receipt to avoid missed events.
{% endhint %}
### **Test webhook**
To test your webhook integration, make sure your endpoint returns a proper HTTP status code to indicate the result of processing the request. To help you test different webhook response scenarios in the INT (integration) environment, the system recognizes special keywords in the merchant’s **DBA (Doing Business As)** name field. Use the following naming conventions to simulate specific onboarding outcomes:
* **\[DECL]** – The application will be marked as **Declined** after signing. A webhook will be triggered with the "Declined" status.
* **\[PEND]** – The application will move to **Pended** status after signing. You will receive a webhook indicating this status change.
* **\[APPR]** – The application will be marked as **Approved** after signing, and a corresponding webhook will be sent.
{% hint style="warning" %}
Ensure that the DBA name includes the exact keyword in brackets (e.g., `MyStore [DECL]`) to trigger the appropriate behavior in the INT environment.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.xplorpay.com/api-reference/webhooks/register-url.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.