# Webhooks

Webhooks let the Monato platform notify your systems in real time when platform events occur — such as when a charge is confirmed, declined, or reversed, or when an instrument verification completes.

## Configuring Your Endpoint

Webhook endpoints are configured through the [Monato Portal](https://portal.directdebit.monato.com) under **Settings → Webhooks**. You provide the URL of your endpoint and an Authorization header value that the platform will include in every delivery.

## Endpoint Requirements

Your endpoint must:

- Accept `POST` requests with a `Content-Type: application/json` body
- Return a `200` or `201` HTTP status code promptly on successful receipt
- Be accessible from the public internet


:::warning
Return your `200` or `201` response as quickly as possible — before performing any processing. Long-running handlers that delay the response increase the risk of timeout-related retries.
:::

## Event Delivery and Retries

If the platform does not receive a `200` or `201` response on the first delivery attempt, it will retry once per hour for up to 10 hours (10 retries total). After the final retry, the event will not be re-delivered automatically — you will need to retrieve the current state by querying the relevant API endpoint directly.

## Endpoint Authentication

The platform sends a configurable `Authorization` HTTP header with every webhook request. You set the value of this header when configuring your endpoint in the Portal during onboarding. Use this to verify that incoming requests originate from Monato.

## Events

For a full reference of all event payloads, see [Webhook Events](/products/directdebit/content/reference/webhook-events).