Why am I not receiving webhook events?

URL correct?

Exact match to the URL stored on the terminal (or in webhookUrls).

Call GET /Terminals/{terminalId} to inspect webhookUrl.

HTTPS?

Only https:// endpoints are accepted.

URL must include https:// and a valid TLS cert.

Publicly reachable?

Bead cannot hit localhost or private IPs.

curl -I https://your-webhook from a public server.

Returns 2xx quickly?

Any non-2xx triggers retries; long timeouts count as failures.

Look at your server logs—should respond in < 1 s.

IP allowlist?

Firewalls or WAFs aren’t blocking Bead’s IP range.

Temporarily disable rules or add Bead IPs (see portal).

Signature validation?

Handler isn’t rejecting because of wrong signingSecret or timestamp skew.

Log the x-webhook-signature header and your verification result.

Event already sent?

Webhooks are only sent when statusCode changes.

Check payment timeline (GET /payments/tracking/{id}).

No hits in server logs at all

DNS typo or HTTPS certificate error

Re-enter URL, use Qualys SSL Labs to verify cert chain.

First attempt arrives, then retries keep going

Endpoint responds 500 or times out

Return 200 immediately, push heavy work to a queue.

Only terminal webhook receives events, extra webhookUrls do not

Missing webhookUrls array in the create-payment call

Confirm request body; array must be top-level, non-empty.

Handler logging “Invalid signature”

Wrong signingSecret or raw body altered before verification

Fetch latest secret via GET /Terminals/{id}. Verify raw body, not parsed JSON.

Webhooks work in sandbox but not in prod

Firewall or region-restricted endpoint

Allow Bead prod IPs; check CDN or geo-fencing rules.