Webhooks User Guide
This document is a comprehensive guide to CCBill Webhooks and is intended for users with advanced coding skills.
It includes detailed instructions for configuring your system to receive Webhook data. You will learn how to send customer information to the CCBill payment form, the data variables involved, and how those variables are used to track and manage transaction events on your account.
Enable and Configure Webhooks
To configure Webhooks:
1. Log in to the Admin Portal.
2. Use the dropdown menu to select a specific subaccount.
3. Click Webhooks in the left-side menu.
4. In the Webhook URL field, enter the URL where you want to receive posts.
5. Select one of the available Webhooks data formats:
- JSON. Follows the JSON (JavaScript Object Notation) open-standard format and uses the content type
application/json. - URL Encoded. Uses the content type
application/x-www-form-encoded(original format).
6. Select the post types you wish to subscribe to. Click All to select all types or individually select checkboxes for specific post types.
7. To minimize latency, select the Satellite Location closest geographically to the server hosting the URL you entered in step four. Available locations include:
- Phoenix, Arizona
- Ashburn, Virginia
- Amsterdam, Netherlands
8. Click Update to save the configuration.
After at least one Webhooks configuration has been saved, you will be presented with the option to edit, remove, add, or select notification versions. You may add up to four (4) Webhooks URLs.
Webhooks Versioning
Since October 2013, Webhooks have supported versioning to ensure backward compatibility. Changes to the Webhooks system will not disrupt existing configurations.
A ChangeLog at the end of this document summarizes changes for each version.
Whenever you create a new Webhooks configuration, it automatically uses the latest Webhooks version. Existing Webhooks configurations created under older versions can optionally be upgraded. Note the following rules for updating existing configurations:
- Adding a new event to an existing configuration will cause only the newly added event to use the latest Webhooks version. Previously configured events will continue to use their original versions.
- Updating the URL of an existing Webhook configuration does not upgrade it to a new Webhook version.
Webhooks IP Ranges
You will receive Webhooks from the following CCBill IP ranges:
64.38.212.1-64.38.212.25464.38.215.1-64.38.215.25464.38.240.1-64.38.240.25464.38.241.1-64.38.241.254
You can use this information to set up firewall rules or confirm the validity of a Webhook from within your application.
URL Parameters
Webhooks send 4 URL parameters with posts to let you know what type of Webhook is contained in the post. The following parameters are sent:
| clientAccnum | The Merchant's account number. |
| clientSubacc | The Merchant subaccount number. |
| eventType | The Webhook event being sent, such as NewSaleSuccess or Expiration. |
| eventGroupType | The event group to which the event type belongs. At this time, only Subscription is a valid option. |
The URL Parameters comprise the first line in the following Webhooks Post example:
URL Encoded Format
POST /webhooks.php?clientAccnum=999999&clientSubacc=9999&eventType=Expiration&eventGroupType=Subscription HTTP/1.1
X-Allowed-Satellites: PHX,ASH,AMS
Content-Type: application/x-www-form-urlencoded
Content-Length: 102
Host: merchanturl.com
User-Agent: Java/1.6.0_03
Via: 1.1 wmq1.ccbill.com:3129 (squid/2.7.STABLE5), 1.0 internal
Cache-Control: max-age=0
Connection: keep-alive
clientAccnum=999999&clientSubacc=9999&subscriptionId=0913024401000012340×tamp=2013-01-25 03:22:44JSON Format
POST /webhooks.php?clientAccnum=999999&clientSubacc=9999&eventType=Expiration&eventGroupType=Subscription HTTP/1.1
X-Allowed-Satellites: PHX,ASH,AMS
Content-Type: application/json
Content-Length: 102
Host: merchanturl.com
User-Agent: Java/1.6.0_03
Via: 1.1 wmq1.ccbill.com:3129 (squid/2.7.STABLE5), 1.0 internal
Cache-Control: max-age=0
Connection: keep-alive
{"clientAccnum":"999999","clientSubacc":"9999","subscriptionId":"0913024401000012340","timestamp":"2013-01-25 03:22:44"}Variable Reference
CCBill has a set of specified system variables that can be used to pull data from CCBill’s system. Two variable sets are used, one for each of the following situations:
- Payment Form. These variables are used to pre-fill the payment form. Naming the variables correctly, as listed below, will ensure the data is properly stored in CCBill’s system as the variables are intended.
- Return. These variables are sent to the Webhook URL, depending on the transaction's outcome.
In both cases, custom variables will be sent exactly as they were entered. System variable names must be entered exactly as they appear in this list.
Payment Form Variables
The following chart lists each variable that can be pre-filled in the payment form:
| Variable Name | Description |
|---|---|
| customer_fname | Consumer first name. |
| customer_lname | Consumer last name. |
| address1 | Consumer address. |
| Consumer email address. | |
| city | Consumer city. |
| state | Consumer state. |
| zipcode | Consumer Zip Code. |
| country | Consumer country. |
| phone_number | Consumer phone number. |
| username | Consumer username. |
| password | Consumer password. |
The following variables can also be passed into the payment form but are not shown on the form:
| Variable Name | Description | Example Value |
|---|---|---|
| referer | CCBill affiliate ID number. This value is passed as ‘reseller’ when using Traffic Manager to cascade to Epoch forms. | 1626321 |
| formName | Three or more character codes identifying the form. | 13cc |
| confirm_password | Confirm the password on the signup form. | 0 or 1 (yes or no) |
| subscriptionTypeId | Subscription Type ID. | 0108191202000001259 |
| allowedTypes | The subscription options that will appear on the form; this value is generated automatically in the Admin. | 0000003761:840, 0000004607:840 |
Passing Variables to the Payment Form
Variables can be passed to the payment form to pre-fill consumer information. This can be implemented for multi-part forms, custom tracking, and other implementations.
Variables are passed to the payment form from the preceding page through an HTML form or by passing in the variables through a URL string.
URL String Example
https://bill.cbill.com/jpost/signup.cgi?clientAccnum=900000&clientSubacc=0001&formName=211cc&language=English&allowedTypes=0000003761:840,0000004607:840,0000060248:840,0000063750:840,0000060752:840&subscriptionTypeId=0000004657:840HTML Form Fields
<form action='https://bill.ccbill.com/jpost/signup.cgi' method='POST'>
<input type='hidden' name='clientAccnum' value='900000'>
<input type='hidden' name='clientSubacc' value='0001'>
<input type='hidden' name='formName' value='211cc'>
<input type='hidden' name='language' value='English'>
<input type='hidden' name='allowedTypes' value='...'>
<input type='hidden' name='subscriptionTypeId' value='0000004657:840'>
<input type='submit' name='submit' value='Join Now'>
</form>
Custom Variables
Custom tracking variables can also be sent to the form. These values will be posted back to the Webhooks URL when the transaction is complete. To define these variables, specify a variable name and a value in the same manner as the other variables being passed.
Optional custom tracking variables can be added manually by creating additional HTML form fields or passing the additional variables into the URL string, depending on the chosen submission method.
The following example shows a basic HTML button code with two custom variables added. The button created will, when clicked, take the consumer to the CCBill payment form while passing in the two custom variables:
Example HTML Button Code with Custom Variables
<form action='https://bill.ccbill.com/jpost/signup.cgi' method=POST>
<input type=hidden name=clientAccnum value='900000'>
<input type=hidden name=clientSubacc value='0001'>
<input type=hidden name=formName value='211cc'>
<input type=hidden name=language value='English'>
<input type=hidden name=allowedTypes value='0000003361:840,0000004657:840,0000060748:840,0000060750:840,0000060752:840'> <input type=hidden name=subscriptionTypeId value='0000004657:840'>
<input type=hidden name=customVarName1 value=customVarValue1>
<input type=hidden name=customVarName2 value=customVarValue2>
<input type=submit name=submit value='Join Now'>
</form>customVarName1 and customVarName2 are only example variable names. You can assign any name and variable that suits your requirements.
Always perpend Pass-through Key/Values with X-.
Dynamic Variables in Custom Scripts
Information can also be passed to the CCBill payment form using dynamic variables in a custom script. A custom HTML form can call the script, sending the variables to the CCBill payment form.
The form you create will pass data entered by the consumer to the next form, which will then pass the variables to the CCBill payment form. Upon completion of the transaction, data will be sent to the Webhooks URL.
Perl/CGI Example for Hidden Field Generation
print "<input type=hidden name=customer_fname value='$cust_first_name'>";Other languages will have different statements and syntax for data output, such as print or echo statements in PHP. Link code can also dynamically generate variables in a similar fashion.
Receiving Data
When a transaction event occurs, CCBill sends variables back to your Webhook URL. These typically mirror the Payment Form variables plus consumer-entered information, along with additional status-related data (e.g., subscriptionId, timestamps, etc.). The exact return variables can differ by event type (sale, cancellation, etc.).
Data can be captured in multiple ways depending on the language in which the Webhooks script is written. For example:
Using PHP to Capture Data
$fname = $_POST["customer_fname"]Using Perl/CGI to Capture Data
$fname = param("customer_fname")__Other languages may use different functions to capture POST data. Variable names must match those specified in this guide.
Once the script captures these variable values, the script can handle the data in any manner specified in the script, such as inputting the information into a database.
Webhooks Notifications
The following sections detail the notifications that Webhooks can send to your URL and list the variables included in the notification push. Click the notification type to review individual parameters.
- NewSaleSuccess
- NewSaleFailure
- UpgradeSuccess
- UpgradeFailure
- UpSaleSuccess
- UpSaleFailure
- CrossSaleSuccess
- CrossSaleFailure
- Cancellation
- Expiration
- BillingDateChange
- CustomerDataUpdate
- UserReactivation
- RenewalSuccess (Rebill)
- RenewalFailure (Declined Rebill)
- Chargeback
- Return
- Refund
- Void
| Currency Numeric Code | Currency Letter Code | Currency Name |
|---|---|---|
| 036 | AUD | Australian Dollar |
| 124 | CAD | Canadian Dollar |
| 392 | JPY | Japanese Yen |
| 826 | GBP | United Kingdom Pound |
| 840 | USD | United States Dollar |
| 978 | EUR | Euro Member Countries |
| Decline Code | Decline Text |
|---|---|
| 1 | Website is not available for signup. |
| 2 | Unable to determine website signup requirements. |
| 3 | Your card type is not accepted, please try another type of credit card |
| 4 | Banking System Error |
| 5 | The credit card you entered is not valid |
| 6 | Please check to ensure you entered your expiration date. Used to show individual corresponding yearly, monthly or daily dates for report data. The date function's format is year-month-day; for example, 2002-01-01. correctly |
| 7 | Please check to ensure you entered your bank account number correctly |
| 8 | Please check to ensure you entered your bank's routing number correctly |
| 9 | Banking System Error, please try again |
| 10 | Website has invalid pricing |
| 11 | Transaction Declined |
| 12 | You currently have a subscription and are unable to signup |
| 13 | You have already had a free trial |
| 14 | You must enter your CVV2 number on the back of your card |
| 15 | Your account is currently being processed, please check the website you are joining to see if you have access. If not, please contact support@ccbill.com |
| 16 | Subscription ID Provided is invalid |
| 17 | Subscription ID does not exist in system |
| 18 | Previous Transaction Attempt in request was declined |
| 19 | You are not authorized to signup with the provided credentials |
| 20 | No Decline |
| 21 | You have already had a trial, please select a normal recurring membership option |
| 22 | Error contacting bank, please try again later |
| 23 | Invalid Credit Card Provided |
| 24 | Transaction Denied by Bank |
| 25 | Bank Error |
| 26 | Card Processing Setup Incorrect for Merchant |
| 27 | System Error, Please Try Again |
| 28 | We are unable to process your transaction at this time. Please try again at a later time |
| 29 | Card Expired |
| 30 | We are unable to bill the telephone number provided for this transaction. Please return to the website and choose an alternate payment method. |
| 31 | Insufficient Funds |
| 32 | You must provide CVV2 to complete transaction |
| 33 | Unable to determine transaction type |
| 34 | Error contacting bank, please try again later |
| 35 | Card Declined at Pre-Auth SC |
| 36 | Unable To Contact Bank |
| 37 | We currently do not process for your bank's bin |
| 38 | Transaction Refused by Issuing Bank |
| 39 | You Have Submitted Too Many Times Today |
| 40 | The Card you are using is not accepted by this Merchant |
| 41 | Merchant Inactive |
| 42 | Incorrect Address Provided |
| 43 | We are unable to process your telephone billing transaction because your provider only allows for one charge, per telephone number, per day, and our records show that you have an existing daily charge to this telephone number. Please return to the website and choose an alternative payment method. |
| 44 | We're sorry, at this time prepaid cards are not allowed. Please try a different card type. |
| 45 | Transaction requires additional approval: please refer to your confirmation e-mail for further instructions. |
Release 12 - 2025-04-29
The cardSubType parameter was added to specify the card type used in the transaction.
Affected Webhooks
- CrossSaleFailure (v5)
- CrossSaleSuccess (v6)
- NewSaleFailure (v5)
- NewSaleSuccess (v8)
- RenewalFailure (v5)
- RenewalSuccess (v7)
- UpgradeFailure (v4)
- UpgradeSuccess (v5)
- UpSaleFailure (v5)
- UpSaleSuccess (v7)
Release 11 - 2025-02-17
Enhancements
- Webhook event processing optimized.
- No new parameters introduced.
Updated Event Versions
- Void (v5)
- BillingDateChange (v2)
- Cancellation (v2)
- Chargeback (v5)
- CrossSaleFailure (v4)
- CrossSaleSuccess (v5)
- CustomerDataUpdate (v5)
- Expiration (v2)
- ManualAdd (v2)
- NewSaleFailure (v4)
- NewSaleSuccess (v7)
- Refund (v5)
- RenewalFailure (v4)
- RenewalSuccess (v6)
- Return (v5)
- UpgradeFailure (v3)
- UpgradeSuccess (v4)
- UpSaleFailure (v4)
- UpSaleSuccess (v6)
- UserReactivation (v2)
Release 10 - 2022-04-21
Two new parameters were added to support 3DS authentication results.
New Parameters
paymentAccountscaResponseStatus
Affected Webhooks
paymentAccount added to:
- CrossSaleFailure (v3)
- CrossSaleSuccess (v4)
- UpSaleFailure (v3)
- UpgradeFailure (v2)
- UpgradeSuccess (v3)
scaResponseStatus added to:
- CrossSaleFailure (v3)
- CrossSaleSuccess (v4)
- UpSaleFailure (v3)
- UpSaleSuccess (v5)
- UpgradeFailure (v2)
- UpgradeSuccess (v3)
Release 9 - 2020-02-11
Added new parameter for tracking 3DS authentication results.
New Parameter
threeDSecure
Affected Webhooks
- NewSaleSuccess (v6)
- NewSaleFailure (v3)
Release 8 - 2019-07-23
New Parameters
expDatelast4paymentAccount
Affected Webhooks
- UpSaleSuccess (v4)
Release 7 - 2017-7-19
New Feature
Webhook delivery now supports JSON format in addition to URL Encoded.
Release 6 - 2017-06-01
New Parameters
paymentAccountaccountingCurrencycurrencybilledCurrency
Affected Webhooks
paymentAccount added to:
- CustomerDataUpdate (v4)
- Chargeback (v4)
- Refund (v4)
- Return (v4)
- RenewalSuccess (v5)
- Void (v4)
accountingCurrency added to:
- Chargeback (all versions)
- Refund (all versions)
- RenewalSuccess (all versions)
- Void (all versions)
currency added to:
- Chargeback (all versions)
- Refund (all versions)
- Void (all versions)
billedCurrency added to:
- RenewalSuccess (all versions)
Release 5 - 2017-05-11
Three new parameters were added to enable merchants to track the card BIN, payment method, and type of card used.
New Parameters
binpaymentTypecardType
Affected Webhooks
bin added to:
- NewSaleSuccess (v5)
- UpgradeSuccess (v2)
- UpSaleSuccess (v3)
- CrossSaleSuccess (v3)
- CustomerDataUpdate (v3)
- Chargeback (v3)
paymentType added to:
- Chargeback (v3)
- Return (v3)
- Refund (v3)
- RenewalSuccess (v4)
- RenewalFailure (v3)
- Void (v3)
cardType added to:
- Chargeback (v3)
- Refund (v3)
- RenewalSuccess (v4)
- RenewalFailure (v3)
- Void (v3)
Release 4 - 2017-04-13
Security Enhancement
TLS 1.2 support added for secure transmission.
New Parameters
expDateProvides card expiration date.last4Returns last 4 digits of card/bank account.
Affected Webhooks
- NewSaleSuccess (v4)
- CustomerDataUpdate (v2)
- Chargeback (v2)
- Refund (v2)
- RenewalSuccess (v3)
- Void (v2)
Release 3 - 2014-04-24
New Feature
Added flexId variable to support FlexForms (Open Beta). The field only appears for FlexForm transactions.
Affected Webhooks
- NewSalesSuccess (v3)
- NewSalesFailure (v2)
- Notes were added to related Webhooks (UpSaleSuccess, UpSaleFailure, CrossSaleSuccess, CrossSaleFailure) to reference the correct base versions.
Release 2 - 2013-10-30
New Features
- Introduced versioning support for configurations and events.
- Older configurations prompt upgrade option.
New Webhooks Event
- Return - Notifies users of check returns.
New Parameters
paymentAccountrenewalDate
Affected Webhooks
paymentAccount field added to:
- NewSaleSuccess (v2)
renewalDate field added to:
- RenewalSuccess (v2)
- RenewalFailure (v2)
Bug Fixes
- Fixes a bug that resulted in incorrect POST of the
failureCode,failureReason, andtransactionIdfields in CrossSales, CrossSaleAPI, and Upgrades withspecialOffer. - Fixes a bug that resulted in incorrect POST of
failureCode,failureReason, andtransactionIdfields for Upsales. - Fixes a bug that caused the
subscriptionTypeIdto be incorrectly sent.
Release 1 - Initial Release
No notable changes included.