Klarna Notifications API (release/3)

Download OpenAPI specification:Download

Release 3

Authentication

klarna_api_key

Use the Klarna API key as HTTP Basic Authentication credentials

Security Scheme Type API Key
Header parameter name: Authorization

klarna_partner_account

Klarna Partner Account ID when acting on-behalf of another account

Security Scheme Type API Key
Header parameter name: Klarna-Partner-Account

Webhooks

Create webhook

Creates a new webhook for the given account. Webhook will trigger for the declared events and send notifications to the provided URL.

Request
Security:
Request Body schema: application/json
url
required
string <url> (WebhookEndpoint)

Specifies the HTTPS URL to which the webhook notifications will be delivered. The value must be a valid, secure URL (HTTPS) where the partner's system can receive HTTP POST requests upon the occurrence of subscribed events.

event_types
required
Array of strings (WebhookEventTypes) unique

Specifies the types of events to which the webhook is subscribed. This field supports the wildcard (*) notation that allows for broader event subscriptions. For example, specifying payment.* subscribes the webhook to all events related to the Payment Product.

Items Enum: "payment.request.state-change.submitted" "payment.request.state-change.prepared" "payment.request.state-change.in-progress" "payment.request.state-change.pending-confirmation" "payment.request.state-change.canceled" "payment.request.state-change.authorized" "payment.request.state-change.expired" "payment.request.state-change.declined" "partner.account.state-change.operational" "partner.account.product.payment.state-change.disabled" "partner.account.product.payment.state-change.enabled"
event_version
required
string <enum> (WebhookEventVersion)

Specifies the version of events to which the webhook is subscribed. All the subscribed event types will adhere to the schema of the specified event version.

Value: "v1"
signing_key_id
required
string (SigningKeyId)

The signing_key_id field represents the identifier of the HMAC signing key that will be used for signing the webhook event notifications. This signing key, which must be created separately, accordingly enables the HMAC signing process for the webhook event notifications. Each event notification delivered to the webhook endpoint will carry a signature header, which is produced using the specified HMAC signing key. The inclusion of this signature provides a mechanism for partners to confirm the authenticity of incoming notifications, reinforcing the security of the communication process.

status
string <enum> (WebhookStatus)
Default: "ENABLED"

The status dictates the active/inactive state of the webhook subscription. If set to ENABLED, the webhook subscription is active and the associated endpoint is eligible to receive event notifications. Conversely, if set to DISABLED, the webhook subscription is inactive, preventing the endpoint from receiving any event notifications. When this field is not provided, it defaults to ENABLED.

Enum: "ENABLED" "DISABLED"
Responses
201

Webhook created successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

409

The webhook configuration already exists

post/v1/notification/webhooks
Request samples
application/json
{
  • "event_types": [
    ],
  • "event_version": "v1",
  • "signing_key_id": "krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42",
  • "status": "ENABLED"
}
Response samples
application/json
{
  • "webhook_id": "krn:partner:global:notification:webhook:120e5b7e-dee8-43ca-9858-dca726e639b5",
  • "event_types": [
    ],
  • "event_version": "v1",
  • "signing_key_id": "krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42",
  • "created_at": "2024-01-01T12:00:00Z",
  • "status": "ENABLED"
}

List webhooks

Retrieves all webhooks for the given account.

Request
Security:
Responses
200

Webhooks returned successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

404

Not Found, the requested resource was not found.

get/v1/notification/webhooks
Request samples
curl -i -X GET \
  https://api-global.klarna.com/v1/notification/webhooks \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "webhooks": [
    ]
}

Get webhook

Retrieves details of a specific webhook for the given account.

Request
Security:
path Parameters
webhook_id
required
string (WebhookIdentifier)

The unique identifier of the webhook

Example: krn:partner:global:notification:webhook:120e5b7e-dee8-43ca-9858-dca726e639b5
Responses
200

Webhook returned successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

get/v1/notification/webhooks/{webhook_id}
Request samples
curl -i -X GET \
  'https://api-global.klarna.com/v1/notification/webhooks/{webhook_id}' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "webhook_id": "krn:partner:global:notification:webhook:120e5b7e-dee8-43ca-9858-dca726e639b5",
  • "event_types": [
    ],
  • "event_version": "v1",
  • "signing_key_id": "krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42",
  • "created_at": "2024-01-01T12:00:00Z",
  • "status": "ENABLED"
}

Update webhook

Updates a specific webhook for the given account. Webhook will remain intact for the fields not mentioned in the request.

Request
Security:
path Parameters
webhook_id
required
string (WebhookIdentifier)

The unique identifier of the webhook

Example: krn:partner:global:notification:webhook:120e5b7e-dee8-43ca-9858-dca726e639b5
Request Body schema: application/json
url
string <url>

Optional - The new endpoint URL to be called when the event happens if you want to update it

event_types
Array of strings (WebhookEventType) unique

Optional - A new set of event types for the webhook if you want to update it

Items Enum: "payment.request.state-change.submitted" "payment.request.state-change.prepared" "payment.request.state-change.in-progress" "payment.request.state-change.pending-confirmation" "payment.request.state-change.canceled" "payment.request.state-change.authorized" "payment.request.state-change.expired" "payment.request.state-change.declined" "partner.account.state-change.operational" "partner.account.product.payment.state-change.disabled" "partner.account.product.payment.state-change.enabled"
event_version
string <enum>

Optional - A new event version configured for the webhook if you want to update it

Value: "v1"
signing_key_id
string

Optional - A new signing key id for the webhook if you want to update it

status
string <enum>
Default: "ENABLED"

Optional - A new status (ENABLED/DISABLED) for the webhook if you want to update it

Enum: "ENABLED" "DISABLED"
Responses
200

Webhook updated successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

patch/v1/notification/webhooks/{webhook_id}
Request samples
application/json
{
  • "event_types": [
    ],
  • "signing_key_id": "krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42",
  • "status": "ENABLED"
}
Response samples
application/json
{
  • "webhook_id": "krn:partner:global:notification:webhook:120e5b7e-dee8-43ca-9858-dca726e639b5",
  • "event_types": [
    ],
  • "event_version": "v1",
  • "signing_key_id": "krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42",
  • "created_at": "2024-01-01T12:00:00Z",
  • "status": "ENABLED"
}

Delete webhook

Deletes a specific webhook for the given account.

Request
Security:
path Parameters
webhook_id
required
string (WebhookIdentifier)

The unique identifier of the webhook

Example: krn:partner:global:notification:webhook:120e5b7e-dee8-43ca-9858-dca726e639b5
Responses
204

Webhook deleted successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

404

Not Found, the requested resource was not found.

delete/v1/notification/webhooks/{webhook_id}
Request samples
curl -i -X DELETE \
  'https://api-global.klarna.com/v1/notification/webhooks/{webhook_id}' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json

The request contained a validation error.

{
  • "error_id": "4e2f6b5e-df81-40e6-83d5-f34f68d4e2f4",
  • "error_type": "INPUT_ERROR",
  • "error_code": "VALIDATION_ERROR",
  • "errors": []
}

Simulate a webhook

Simulates a webhook notification by using webhook id for given event type and event version.

Request
Security:
path Parameters
webhook_id
required
string (WebhookIdentifier)

The unique identifier of the webhook

Example: krn:partner:global:notification:webhook:120e5b7e-dee8-43ca-9858-dca726e639b5
Request Body schema: application/json
event_type
required
string (WebhookEventType)

Defined webhook events

Enum: "payment.request.state-change.submitted" "payment.request.state-change.prepared" "payment.request.state-change.in-progress" "payment.request.state-change.pending-confirmation" "payment.request.state-change.canceled" "payment.request.state-change.authorized" "payment.request.state-change.expired" "payment.request.state-change.declined" "partner.account.state-change.operational" "partner.account.product.payment.state-change.disabled" "partner.account.product.payment.state-change.enabled"
event_version
required
string <enum> (WebhookEventVersion)

Specifies the version of events to which the webhook is subscribed. All the subscribed event types will adhere to the schema of the specified event version.

Value: "v1"
Responses
202

Webhook notification simulated successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

404

Not Found, the requested resource was not found.

post/v1/notification/webhooks/{webhook_id}/simulate
Request samples
application/json
{
  • "event_type": "payment.request.state-change.authorized",
  • "event_version": "v1"
}
Response samples
application/json
{
  • "metadata": {
    },
  • "payload": {
    }
}

Signing Keys

Create signing key

Creates a new signing key for the given account. Webhook notifications can be verified with the signing key generated.

Request
Security:
Responses
201

Signing key created successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

403

Operation forbidden

post/v1/notification/signing-keys
Request samples
curl -i -X POST \
  https://api-global.klarna.com/v1/notification/signing-keys \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "signing_key_id": "krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42",
  • "signing_key": "b040893b9e02f6445b205ae2102e3e9e1d0aa9035e61cdebde39b5c230a7bc5a",
  • "created_at": "2024-01-01T12:00:00Z"
}

List signing keys

Retrieves all signing keys for the given account.

Request
Security:
Responses
200

Signing keys returned successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

404

Not Found, the requested resource was not found.

get/v1/notification/signing-keys
Request samples
curl -i -X GET \
  https://api-global.klarna.com/v1/notification/signing-keys \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "signing_keys": [
    ]
}

Get signing key

Retrieves details of a specific signing key for the given account.

Request
Security:
path Parameters
signing_key_id
required
string (SigningKeyId)

The unique identifier of the signing key

Example: krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42
Responses
200

Signing key returned successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

404

Not Found, the requested resource was not found.

get/v1/notification/signing-keys/{signing_key_id}
Request samples
curl -i -X GET \
  'https://api-global.klarna.com/v1/notification/signing-keys/{signing_key_id}' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json
{
  • "signing_key_id": "krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42",
  • "in_use": false,
  • "created_at": "2024-01-01T12:00:00Z"
}

Delete signing key

Deletes a specific signing key for the given account.

Request
Security:
path Parameters
signing_key_id
required
string (SigningKeyId)

The unique identifier of the signing key

Example: krn:partner:global:notification:signing-key:49bcd37b-79a7-4e6e-b067-2903b45fef42
Responses
204

Signing key deleted successfully.

400

Bad Request, there was an error in the input of the request.

401

Unauthorized, the request was not authorized.

404

Not Found, the requested resource was not found.

409

Conflict, there was a conflict in using the resource. Idempotency violation or concurrent updates to a resource occurred.

delete/v1/notification/signing-keys/{signing_key_id}
Request samples
curl -i -X DELETE \
  'https://api-global.klarna.com/v1/notification/signing-keys/{signing_key_id}' \
  -H 'Authorization: YOUR_API_KEY_HERE'
Response samples
application/json

The request contained a validation error.

{
  • "error_id": "4e2f6b5e-df81-40e6-83d5-f34f68d4e2f4",
  • "error_type": "INPUT_ERROR",
  • "error_code": "VALIDATION_ERROR",
  • "errors": []
}