Skip to main content
WEBHOOK

Authorizations

X-HG-Webhook-Signature
string
header
required

HMAC-SHA256 signature of the raw JSON body. Format: sha256=<hex>. When you configure a webhook signing secret in account settings, HG.Cash includes this header on every webhook POST. Verify the signature in your endpoint to ensure the request is authentic.

Body

application/json

Payload sent to your webhook endpoint when a transaction request status changes.

Headers: When you configure a webhook signing secret in account settings, HG.Cash sends the header X-HG-Webhook-Signature: sha256=<hex> where the value is HMAC-SHA256 of the raw JSON body using your secret. Verify this to ensure the request is authentic.

Notes:

  • Numeric values (like amount, CBU/CUIT) are sent as strings to preserve precision and formatting.
  • date is a local date-time and must be interpreted using timezone.
  • Configure your webhook URL in the account settings page.
topic
enum<string>
required

Webhook topic for routing (always TRANSACTION_REQUEST for transaction request webhooks)

Available options:
TRANSACTION_REQUEST
Example:

"TRANSACTION_REQUEST"

eventType
enum<string>
required

Event kind within the topic

Available options:
status_change,
transaction_associated
Example:

"status_change"

id
string<uuid>
required

Internal transaction ID

Example:

"789e0123-e89b-12d3-a456-426614174999"

externalID
string
required

External ID provided when creating the transaction

Example:

"TXN-2024-001234"

amount
string
required

Transaction amount as a decimal string

Example:

"15000.50"

currency
string
required

ISO 4217 currency code

Pattern: ^[A-Z]{3}$
Example:

"ARS"

direction
enum<string>
required

Transaction direction

Available options:
Inbound,
Outbound
Example:

"Inbound"

status
enum<string>
required

Current transaction request status

Available options:
PENDING,
AWAITING_REVIEW,
PROCESSING,
DONE,
ERROR,
CANCELLED
Example:

"PENDING"

type
string
required

Type of notification. Always "request" for transaction requests

Example:

"request"

accountId
string<uuid>
required

HG.Cash account ID associated with the transaction

Example:

"550e8400-e29b-41d4-a716-446655440123"

date
string<date-time>
required

Transaction local date-time in the provided timezone

Example:

"2024-06-19T10:30:00"

timezone
string
required

IANA timezone identifier used to interpret date

Example:

"America/Argentina/Buenos_Aires"

error
string

Optional error message when status is ERROR

Example:

"Insufficient funds on destination account"

errorCode
enum<string>

Machine-readable error code when status is ERROR

Available options:
INSUFFICIENT_BALANCE,
DESTINATION_ERROR
Example:

"INSUFFICIENT_BALANCE"

fromName
string

Name of the sender

Example:

"Juan Pérez"

toName
string

Name of the recipient

Example:

"María García"

fromCBU
string

Sender CBU (22-digit). Sent as string.

Pattern: ^\d{22}$
Example:

"1700015400000000000010"

toCBU
string

Recipient CBU (22-digit). Sent as string.

Pattern: ^\d{22}$
Example:

"1100015400000000000021"

toCVU
string

Recipient CVU (22-digit). Sent as string.

Pattern: ^\d{22}$
Example:

"0000003100012345678901"

fromCUIT
string

Sender CUIT/CUIL (11-digit). Sent as string.

Pattern: ^\d{11}$
Example:

"20123456789"

toCUIT
string

Recipient CUIT/CUIL (11-digit). Sent as string.

Pattern: ^\d{11}$
Example:

"27987654321"

concept
string

Transaction concept or description

Example:

"Payment for services"

coelsaCode
string

Coelsa transaction code

Example:

"COELSA123456"

data
object

Optional JSON metadata from the transaction request

isSecurityFlagged
boolean

When true, the request was held for security review before processing

securityFlagReason
string

Optional machine-readable reason when flagged for security review

transactionId
string<uuid>

Linked ledger transaction ID (included on transaction_associated webhooks)