Operations & Security
Event Replay & Dead-Letter Queue
ParsePesa makes it easy to monitor delivery statuses, inspect raw payload lifecycles, and recover from downstream server failures. If your server is down, we cache and retry notifications, moving them to a Dead-Letter Queue if delivery repeatedly fails.
Webhook Retry Strategy
When ParsePesa delivers an outbound webhook to your registered endpoints, we expect a rapid HTTP `2xx` response. If your server returns an error or times out:
- Exponential Backoff: The scheduler automatically retries the delivery up to 5 times over a 24-hour period, spacing attempts exponentially.
- Dead-Letter Queue: If all 5 attempts fail, the delivery is marked as `dead_letter`. It ceases auto-retries and is flagged in the logs.
Manual & Bulk Event Replays
Once your server issues are resolved, you can trigger redeliveries of missed events:
- Navigate to the Dead-Letter Webhook Logs tab in the console.
- Select individual transactions to review the raw and normalized payload structures, along with the HTTP response codes and raw error logs returned by your server.
- Click the Replay Event button to trigger immediate delivery.
- To replay multiple failures, check the select boxes beside rows and use the Bulk Replay action button at the top of the table.
Webhook Signature Security
To ensure webhooks arriving at your server originate from ParsePesa and have not been tampered with, every request contains signature headers:
X-ParsePesa-Signature: t=1781289510,v1=9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 X-ParsePesa-Timestamp: 1781289510 X-ParsePesa-Environment: productionSignature Verification Algorithm (Pseudo-code)
// Concatenate timestamp and request body const payload = timestamp + '.' + requestBody; // Generate SHA256 HMAC utilizing your webhook endpoint secret const signature = HMAC_SHA256(payload, endpointSecret); // Match signature against header v1 parameter assert(signature === headerSignature);