Webhook Field Index
The table below contains a comprehensive list of all fields that appear within Spidr webhooks, along with their description.
Webhook Field Index
| Field | Description | Appears in (Webhook Types) |
|---|---|---|
| accountId | Unique identifier for the account. | All account, card, transaction, and achAccount webhooks |
| accountNumber | Account number associated with the account. | account.create |
| achAccountId | Unique identifier for the ACH account. | achAccount.create, achAccount.remove, transaction.createAch |
| achRequestId | Unique identifier for the ACH request. | transaction.createAch, transaction.cancelAch |
| actionRequestor | Object containing details about the source of the action. | All webhooks |
| actionRequestor.source | Source of the action ("api" or "sst"). | All webhooks |
| actionRequestor.sstRequestorUserEmail | Email of the SST user who initiated the action (if source is "sst"). | account.statusUpdate, card.resetPin, transaction.reverseFee, transaction.adj |
| actionRequestor.sstRequestorUserId | ID of the SST user who initiated the action (if source is "sst"). | account.statusUpdate, card.resetPin, transaction.reverseFee, transaction.adj |
| adjustmentType | Type of adjustment applied. | transaction.adj |
| amount | Amount of the transaction or fee. | transaction.createAch, transaction.createFee, transaction.adj, transaction.payment, transaction.a2a |
| archiveReason | Reason for archiving a user. | user.archive |
| cardId | Unique identifier for the card. | All card webhooks, cardId also in responseBody for some card webhooks |
| cardNumber | Masked card number. | card.reissued (responseBody), card.replaced (responseBody.card) |
| cardExpiryDate | Card expiration date. | card.reissued (responseBody), card.replaced (responseBody.card) |
| changes | Array of objects describing changes made (field, oldValue, newValue). | user.edit, user.archive, account.shippingAddressUpdate, account.statusUpdate, account.featureUpdate, card.activate, card.replaced, card.pinChanged |
| changes.field | Name of the field that was changed. | All webhooks with changes |
| changes.oldValue | Previous value of the changed field. | All webhooks with changes |
| changes.newValue | New value of the changed field. | All webhooks with changes |
| companyId | The ID of the company associated with the webhook. | All webhooks |
| cip | Customer Identification Program details. | user.create |
| creditDebitIndicator | Indicates if the adjustment is a credit or debit. | transaction.adj |
| dateArchived | Date the user was archived. | user.archive (in changes) |
| dateOfBirth | User's date of birth. | user.edit (in changes) |
| debitCreditIndicator | Indicates if the ACH transaction is a debit or credit. | transaction.createAch |
| description | Description of the transaction or adjustment. | transaction.createAch, transaction.adj |
| User's email address. | user.edit (in changes) | |
| encryptedCardData | Encrypted card data for mobile wallet provisioning. | card.mobileWalletProvision (responseBody) |
| expires | Expiry date/time for a card image URL. | card.fetchImageUrl (responseBody) |
| features.achTransfers | Indicates if ACH transfers are enabled for the account. | account.featureUpdate (in changes.field) |
| feeType | Type of fee applied. | transaction.createFee |
| firstName | User's first name. | user.edit (in changes) |
| id | Unique identifier for the user (in responseBody). | user.create (responseBody) |
| isArchived | Indicates if the user/account/card is archived. | user.archive (in changes), card.replaced (in changes) |
| lastName | User's last name. | user.edit (in changes) |
| message | Message attached to a transfer. | transaction.a2a |
| newBalance | New balance after transaction. | transaction.createFee, transaction.reverseFee, transaction.adj, transaction.payment, transaction.a2a (responseBody) |
| newStatus | New status after an update. | account.statusUpdate (responseBody), card.frozen (responseBody), card.unfrozen (responseBody), card.statusUpdate (responseBody) |
| oldBalance | Previous balance before transaction. | transaction.createFee, transaction.reverseFee, transaction.adj, transaction.payment, transaction.a2a (responseBody) |
| originalFeeTransactionId | The original fee transaction ID being reversed. | transaction.reverseFee |
| paymentTransactionId | Unique identifier for the payment transaction. | transaction.payment (responseBody) |
| paymentType | Type of payment. | transaction.payment |
| productId | Unique identifier for the product. | All webhooks except user.retrieveId, user.retrieveIdHistory, ZTM webhooks |
| providerDetails | Raw payload from the associated external provider. | transaction.payment (in data), transaction.adj (in data) |
| providerDetails.orig_name | Originator name - the name of the sending institution or entity for incoming ACH. | transaction.payment (in data.providerDetails), transaction.adj (in data.providerDetails) |
| providerDetails.orig_acct_number | Originator account number - the source account for the incoming ACH. | transaction.payment (in data.providerDetails), transaction.adj (in data.providerDetails) |
| providerDetails.odfi_routing_number | ODFI routing number - Originating Depository Financial Institution routing number. | transaction.payment (in data.providerDetails), transaction.adj (in data.providerDetails) |
| removed | Boolean indicating if an ACH account was removed. | achAccount.remove (responseBody) |
| requestId | Unique identifier for the request that triggered the webhook. | All webhooks |
| responseBody | Contains the full result of the API request that generated the webhook. | All webhooks |
| responseBody.accountId | Account ID in the response body. | account.create, account.featureUpdate |
| responseBody.achAccountId | ACH Account ID in the response body. | achAccount.create |
| responseBody.adjustmentTransactionId | Adjustment transaction ID in the response body. | transaction.adj |
| responseBody.card | Card object in the response body. | card.replaced |
| responseBody.cardExpiryDate | Card expiry date in the response body. | card.reissued |
| responseBody.cardId | Card ID in the response body. | card.activate, card.fetchImageUrl, card.pinToken, card.resetPin |
| responseBody.cardNumber | Card number in the response body. | card.reissued, card.replaced |
| responseBody.encryptedCardData | Encrypted card data in the response body. | card.mobileWalletProvision |
| responseBody.expires | Expiry date/time in the response body. | card.fetchImageUrl |
| responseBody.feeTransactionId | Fee transaction ID in the response body. | transaction.createFee |
| responseBody.id | User ID in the response body. | user.create |
| responseBody.newBalance | New balance in the response body. | transaction.createFee, transaction.reverseFee, transaction.adj, transaction.payment, transaction.a2a |
| responseBody.newStatus | New status in the response body. | account.statusUpdate, card.frozen, card.unfrozen, card.statusUpdate |
| responseBody.oldBalance | Old balance in the response body. | transaction.createFee, transaction.reverseFee, transaction.adj, transaction.payment, transaction.a2a |
| responseBody.paymentTransactionId | Payment transaction ID in the response body. | transaction.payment |
| responseBody.removed | Indicates if an ACH account was removed in the response body. | achAccount.remove |
| responseBody.spidrActionId | Unique identifier for the Spidr action in the response body. | All webhooks with responseBody |
| responseBody.status | Status in the response body. | transaction.createFee, transaction.reverseFee, transaction.adj, transaction.payment, transaction.cancelAch, card.activate, card.resetPin |
| responseBody.updated | Boolean indicating if an object was updated in the response body. | user.edit, user.archive, account.featureUpdate |
| responseBody.url | Card image URL in the response body. | card.fetchImageUrl |
| reversalTransactionId | Unique identifier for the reversal transaction. | transaction.reverseFee (responseBody) |
| senderMessage | Message from the sender in a transfer. | transaction.a2a |
| spidrActionId | Unique identifier for the Spidr action. | All webhooks |
| status | Status of the card or transaction. | card.activate (responseBody), card.resetPin (responseBody), transaction.createFee, transaction.reverseFee, transaction.adj, transaction.payment, transaction.cancelAch |
| statusReason | Reason for the status change. | account.statusUpdate (responseBody), account.statusUpdate (changes) |
| token | PIN change token for a card. | card.pinToken (responseBody) |
| transferToAccountId | Account ID to which funds are transferred. | transaction.a2a |
| type | Type of transaction or webhook. | transaction.a2a, transaction.payment |
| updated | Boolean indicating if an object was updated. | user.edit, user.archive, account.featureUpdate (responseBody) |
| url | Card image URL. | card.fetchImageUrl (responseBody) |
| userId | The ID of the user associated with the webhook event. | All webhooks |
| uuid | Unique identifier for the webhook event. | All webhooks |
| webhookType | The type of webhook event (e.g., user.archive, account.create). | All webhooks |
| ztmData | Risk and risk provider object. | user.create, achAccount.create, auth.authApproved (in data) |
ZTM Webhook-Specific Fields
The following fields may appear in ZTM (Zero Touch Monitoring) webhooks such as idvSession.*, watchlistScreening.*, and user.cipStatusUpdate:
| Field | Description | Appears in (Webhook Types) |
|---|---|---|
| cipStatus | Current CIP (Customer Identification Program) status of the user. | user.cipStatusUpdate |
| idvSessionId | Unique identifier for the identity verification session. | idvSession.* webhooks |
| idvSessionStatus | Current status of the identity verification session. | idvSession.* webhooks |
| plaidIdvSessionId | Plaid's identifier for the IDV session. | idvSession.* webhooks (when using Plaid) |
| requiresAction | Indicates what action is required (e.g., manual review, retry). | idvSession.manualReviewRequired, idvSession.needsDecision |
| watchlistHitId | Unique identifier for a watchlist screening hit. | watchlistScreening.hitUpdate |
| watchlistScreeningId | Unique identifier for the watchlist screening. | watchlistScreening.statusUpdate, watchlistScreening.hitUpdate |
| watchlistScreeningStatus | Current status of the watchlist screening (e.g., clear, review, hit). | watchlistScreening.statusUpdate |
Provider Webhook-Specific Fields
The following fields appear in provider-originated webhooks such as account.pinChangeStageSuccess and account.pinChange. These webhooks have a data wrapper object instead of top-level fields:
| Field | Description | Appears in (Webhook Types) |
|---|---|---|
| data | Wrapper object containing the webhook payload data. | account.pinChangeStageSuccess, account.pinChange |
| data.accountId | Unique identifier for the account. | account.pinChangeStageSuccess, account.pinChange |
| data.accountNumber | Account number associated with the account. | account.pinChangeStageSuccess, account.pinChange |
| data.cardId | Unique identifier for the card. | account.pinChange |
| data.productId | Unique identifier for the product. | account.pinChangeStageSuccess, account.pinChange |
| data.providerDetails | Object containing raw provider data (e.g., Galileo event details). | account.pinChangeStageSuccess, account.pinChange |
| data.providerDetails.provider | Name of the provider (e.g., "galileo"). | account.pinChangeStageSuccess, account.pinChange |
| data.providerDetails.type | Provider event type (e.g., "agserv_PIN_change_success", "system_pin_change"). | account.pinChangeStageSuccess, account.pinChange |
| data.providerDetails.eventType | Category of the provider event (e.g., "AccountEvent"). | account.pinChangeStageSuccess, account.pinChange |
| data.timestamp | UTC timestamp of when the event occurred. | account.pinChangeStageSuccess, account.pinChange |
| data.userId | Unique identifier for the user. | account.pinChangeStageSuccess, account.pinChange |
Authorization and Settlement Webhook Fields
The following fields appear in authorization and settlement webhooks such as auth.authApproved, deniedAuth, and transaction.settle. These webhooks have a data wrapper object containing transaction details from payment processors:
| Field | Description | Appears in (Webhook Types) |
|---|---|---|
| data | Wrapper object containing the webhook payload data. | auth.authApproved, deniedAuth, transaction.settle |
| data.accountId | Unique identifier for the account. | auth.authApproved, deniedAuth, transaction.settle |
| data.amount | Transaction amount (negative for debits/purchases). | auth.authApproved, deniedAuth, transaction.settle |
| data.authDate | Timestamp when the authorization occurred. | auth.authApproved, deniedAuth, transaction.settle |
| data.calculatedBalance | Account balance after the transaction. | auth.authApproved, deniedAuth, transaction.settle |
| data.cardId | Unique identifier for the card used in the transaction. | auth.authApproved, deniedAuth, transaction.settle |
| data.description | Merchant or transaction description. | auth.authApproved, deniedAuth, transaction.settle |
| data.mccCode | Merchant Category Code for the transaction. | auth.authApproved, deniedAuth, transaction.settle |
| data.parentAuthId | ID of the parent authorization for a settlement. | transaction.settle |
| data.postedDate | Date/time when the transaction was posted (null for pending authorizations). | auth.authApproved, deniedAuth, transaction.settle |
| data.productId | Unique identifier for the product. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails | Object containing raw provider/processor data. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.additionalFields | Object containing additional provider-specific fields. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.additionalFields.response_code | Response code from the payment processor (e.g., "00" for approved, "5C" for declined). | auth.authApproved, deniedAuth |
| data.providerDetails.additionalFields.response_reasons | Human-readable reason for declined transactions. | deniedAuth |
| data.providerDetails.additionalFields.type | Type of transaction event (e.g., "auth", "denied_auth", "setl"). | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.auth_id | Authorization ID from the payment processor. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.auth_ts | Authorization timestamp from the processor. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.amt | Transaction amount from the processor. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.card_id | Card identifier from the payment processor. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.formatted_merchant_desc | Formatted merchant description. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.mcc_code | Merchant Category Code from the processor. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.merchant_id | Merchant identifier. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.network_code | Card network code (e.g., "V" for Visa). | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.pmt_ref_no | Payment reference number. | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.provider | Name of the webhook provider (e.g., "galileo-webhook"). | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.trans_code | Transaction code from the processor (e.g., "VIA", "VSA"). | auth.authApproved, deniedAuth, transaction.settle |
| data.providerDetails.vendor | Name of the payment processor vendor (e.g., "galileo"). | auth.authApproved, deniedAuth, transaction.settle |
| data.status | Current status of the transaction (e.g., "pending", "settled"). | auth.authApproved, deniedAuth, transaction.settle |
| data.transactionId | Unique identifier for the transaction in Spidr. | auth.authApproved, deniedAuth, transaction.settle |
| data.txnKey | Unique key identifying the transaction. | auth.authApproved, deniedAuth, transaction.settle |
| data.txnRequestId | Request ID for the transaction (links settlements to authorizations). | auth.authApproved, deniedAuth, transaction.settle |
| data.txnType | Type of transaction (e.g., "purchase.authorization", "purchase.settlement", "other.denied_auth"). | auth.authApproved, deniedAuth, transaction.settle |
| data.userId | Unique identifier for the user. | auth.authApproved, deniedAuth, transaction.settle |
| data.vendor | Name of the payment processor vendor. | auth.authApproved, deniedAuth, transaction.settle |
| data.ztmData | ZTM risk assessment data (when ZTM is enabled). | auth.authApproved |
| data.ztmData.isTrainingMode | Indicates if ZTM is running in training mode. | auth.authApproved |
| data.ztmData.providerErrors | Array of errors from risk providers. | auth.authApproved |
| data.ztmData.providerResponses | Array of responses from risk providers. | auth.authApproved |
| data.ztmData.providerSummary | Summary of risk assessment from all providers. | auth.authApproved |
| data.ztmData.providerSummary.riskConfigurationId | ID of the risk configuration used. | auth.authApproved |
| data.ztmData.providerSummary.riskLevel | Overall risk level determined by providers. | auth.authApproved |
| data.ztmData.riskLevel | Overall risk level for the transaction (e.g., "low", "medium", "high"). | auth.authApproved |
Updated 6 days ago