Razorpay Payment Webhook: A Complete Guide

by Tarun C.

Razorpay webhooks notify your server immediately of payment events, allowing secure, real-time updates and automatic transaction recording in your database.

Key Points

  • 99.9% of payments captured trigger instant webhook notifications.
  • 100% of webhook requests verified using HMAC SHA256 signatures.
  • Logs store 100% of events for tracking and debugging purposes.

1. Introduction

A webhook is a feature that enables Razorpay to send payment updates directly to your server whenever a payment event occurs. Without webhooks, your application would have to repeatedly call Razorpay APIs to check payment status, which is inefficient.

With webhooks, Razorpay sends a POST request to your server immediately when a payment event occurs, allowing your system to receive updates in real time. This is particularly useful for businesses that hire PHP developers to build payment systems as part of their custom web or mobile app development projects.

Common webhook events include:

  • payment.captured – Payment completed successfully
  • payment.failed – Payment attempt failed
  • order.paid – Order payment has been completed
  • refund.processed – Refund has been successfully processed

Using webhooks ensures your system automatically updates payment status in your database, which is a best practice when hiring professionals for flawless integration in custom web development solutions.

2. How Webhooks Work

The webhook process is straightforward:

Customer makes payment → Razorpay processes payment → Razorpay triggers webhook → Your server receives webhook → Database updates automatically.

This process guarantees your application always has the correct payment status without manual checks, which is essential when integrating payments into web or app projects.

3. Creating a Webhook Endpoint

To receive webhook notifications, you need a backend URL (endpoint) where Razorpay will send the webhook data. Businesses often hire PHP developers to build such endpoints as part of their custom web and mobile app development projects.

Example URL:

https://yourdomain.com/razorpay-webhook.php

When a payment event occurs, Razorpay sends a POST request with JSON data to this URL. Your server automatically reads and processes this data.

4. Webhook Script Example (PHP)

Create a file called razorpay-webhook.php. The following PHP script verifies the Razorpay request and handles payment events:

<?php
$webhook_secret = "your_webhook_secret";

// Read the raw request body; the signature is computed over these exact bytes.
$webhook_body = file_get_contents("php://input");
// The header is missing on forged or malformed requests, so default to an empty string.
$razorpay_signature = $_SERVER['HTTP_X_RAZORPAY_SIGNATURE'] ?? '';
$generated_signature = hash_hmac('sha256', $webhook_body, $webhook_secret);

// hash_equals() compares in constant time and avoids the type juggling of a loose == check.
if (hash_equals($generated_signature, $razorpay_signature)) {
    $data = json_decode($webhook_body, true);
    $event = $data['event'] ?? '';

    if ($event == "payment.captured") {
        $payment_id = $data['payload']['payment']['entity']['id'];
        $order_id = $data['payload']['payment']['entity']['order_id'];
        $amount = $data['payload']['payment']['entity']['amount'];

        // Update database here
        echo "Payment captured";
    } elseif ($event == "payment.failed") {
        $payment_id = $data['payload']['payment']['entity']['id'];
        // Update payment status to failed
        echo "Payment failed";
    } else {
        echo "Event not handled";
    }
} else {
    // Reject anything whose signature does not match.
    http_response_code(400);
    echo "Invalid signature";
}
?>

This script is frequently used by teams to incorporate payment systems into custom web or mobile app projects.

5. Understanding the Webhook Payload

Razorpay sends webhook data in JSON format, which includes details about the event and payment.

Example payload:

{
  "event": "payment.captured",
  "payload": {
    "payment": {
      "entity": {
        "id": "pay_123456",
        "order_id": "order_123456",
        "amount": 50000,
        "status": "captured"
      }
    }
  }
}

Important fields:

Field        Description
event        Type of event triggered
payment.id   Razorpay payment ID
order_id     Order linked to the payment
amount       Payment amount

These values can be stored in your database to track transactions, which is a key step when hiring developers for secure mobile app development.

6. Verifying the Webhook Signature

Verification ensures the request is genuinely from Razorpay.

Steps:

  1. Receive the webhook request body
  2. Generate a hash using your webhook secret
  3. Compare it with the X-Razorpay-Signature header
  4. If both match, the request is valid; otherwise, reject it

Hiring experts for this verification ensures strong security in your custom web or mobile app development projects.

7. Configuring Webhook in Razorpay Dashboard

After creating the webhook script, register it in the Razorpay dashboard:

  1. Log in to Razorpay Dashboard
  2. Navigate to Settings → Webhooks
  3. Click Add New Webhook
  4. Enter your webhook URL
  5. Select events to receive (e.g., payment.captured, payment.failed, order.paid)
  6. Set a webhook secret

Once saved, Razorpay will send webhook notifications to your server. Teams that hire developers typically handle this as part of broader custom web or mobile app development services.

8. Testing Webhooks

Razorpay allows testing webhooks from the dashboard:

  1. Go to the Webhooks section
  2. Select your webhook
  3. Click Send Test Webhook

You can also test locally using tools like ngrok:

https://abcd123.ngrok.io/razorpay-webhook.php

Testing is crucial when hiring PHP developers for custom web or mobile app development to ensure payments are processed properly.

9. Logging Webhook Requests

Logging webhook requests aids in debugging and monitoring payment events. Example:

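// Append the raw body to the log; LOCK_EX keeps concurrent deliveries from interleaving.
// Keep this file outside the web root so it cannot be fetched over HTTP.
file_put_contents(
    "webhook_log.txt",
    $webhook_body . PHP_EOL,
    FILE_APPEND | LOCK_EX
);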

This saves every webhook request to webhook_log.txt, a practice often recommended when teams hire PHP developers for custom web or app development.

10. Best Practices

  • Always verify webhook signatures
  • Use HTTPS endpoints for security
  • Store webhook logs for debugging
  • Handle duplicate webhook events properly
  • Update the database using transactions
  • Never trust payment status from the frontend

These best practices ensure a secure and reliable payment system, which is a critical consideration when it comes to custom web development or mobile app development.
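The duplicate-handling and transaction points above, as an added example that is not part of the original article: the event key and the payment row are written in one transaction, and a unique key turns a redelivered event into a no-op. The function name, table names and the event key format are hypothetical; the demo assumes the pdo_sqlite extension and uses a constructed payload shaped like the one in section 5.

```php
<?php
// Added example (not the article's code). recordCapturedPayment(), the table
// names and the event key format are hypothetical.
declare(strict_types=1);

/**
 * Stores a verified payment.captured event exactly once.
 * Returns false when $eventKey was already recorded (a duplicate delivery).
 */
function recordCapturedPayment(PDO $db, string $eventKey, array $data): bool
{
    $entity = $data['payload']['payment']['entity'];

    $db->beginTransaction();
    try {
        // PRIMARY KEY on event_key makes a second insert of the same key fail.
        $db->prepare('INSERT INTO webhook_events (event_key) VALUES (?)')
           ->execute([$eventKey]);
        $db->prepare('REPLACE INTO payments (payment_id, order_id, amount, status)
                      VALUES (?, ?, ?, ?)')
           ->execute([$entity['id'], $entity['order_id'], $entity['amount'], 'captured']);
        $db->commit();
        return true;
    } catch (PDOException $e) {
        // Undo both writes so the event marker and the payment row never diverge.
        $db->rollBack();
        if ((string) $e->getCode() === '23000') { // integrity constraint violation
            return false;
        }
        throw $e;
    }
}

// Constructed demo: in-memory SQLite and a sample payload.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE webhook_events (event_key TEXT PRIMARY KEY)');
$db->exec('CREATE TABLE payments (payment_id TEXT PRIMARY KEY, order_id TEXT,
                                  amount INTEGER, status TEXT)');

$data = json_decode('{"event":"payment.captured","payload":{"payment":{"entity":
    {"id":"pay_123456","order_id":"order_123456","amount":50000,"status":"captured"}}}}', true);
// Assumed key format: event name plus payment ID.
$key = $data['event'] . ':' . $data['payload']['payment']['entity']['id'];

var_dump(recordCapturedPayment($db, $key, $data)); // first delivery
var_dump(recordCapturedPayment($db, $key, $data)); // same event delivered again
```

Call this only after the signature check in section 4 has passed, so unverified requests never reach the database.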

Final Words

Razorpay webhooks provide a simple and reliable way to receive real-time payment updates. By verifying signatures and handling events correctly, your system can automatically update payment records and maintain accurate transaction data. Businesses that hire PHP developers for custom web development or mobile app development can integrate Razorpay webhooks seamlessly to improve payment automation and security.

Tech Stack & Version

Frontend

  1. HTML
  2. CSS
  3. React.js
  4. Vue.js
  5. Angular

Backend

  1. PHP
  2. Node.js
  3. Python
  4. MySQL
  5. PostgreSQL

Deployment

  1. AWS EC2
  2. DigitalOcean
  3. Google Cloud