{
  "status": 400,
  "code": "INVALID_INPUT",
  "message": "<string>",
  "details": {}
}

Webhooks

Account status notification webhook

Webhook that is called when the balance of an account changes This endpoint should be implemented by clients of the Grid API.

Authentication

The webhook includes a signature in the X-Grid-Signature header that allows you to verify that the webhook was sent by Grid. To verify the signature:

Get the Grid public key provided to you during integration
Decode the base64 signature from the header
Create a SHA-256 hash of the request body
Verify the signature using the public key and the hash

If the signature verification succeeds, the webhook is authentic. If not, it should be rejected.

Account status

When the balance of an internal account changes, we will push a notification with information on the account, the new balance, and who the account belongs to.

POST

account-status

{
  "status": 400,
  "code": "INVALID_INPUT",
  "message": "<string>",
  "details": {}
}

Authorizations

X-Grid-Signature

string

header

required

Secp256r1 (P-256) asymmetric signature of the webhook payload, which can be used to verify that the webhook was sent by Grid.

To verify the signature:

Get the Grid public key provided to you during integration
Decode the base64 signature from the header
Create a SHA-256 hash of the request body
Verify the signature using the public key and the hash

If the signature verification succeeds, the webhook is authentic. If not, it should be rejected.

Body

application/json

timestamp

string<date-time>

required

ISO8601 timestamp when the webhook was sent (can be used to prevent replay attacks)

Example:

"2025-08-15T14:32:00Z"

webhookId

string

required

Unique identifier for this webhook delivery (can be used for idempotency)

Example:

"Webhook:019542f5-b3e7-1d02-0000-000000000007"

type

enum<string>

required

Type of webhook event

Available options:

INCOMING_PAYMENT,

OUTGOING_PAYMENT,

TEST,

BULK_UPLOAD,

INVITATION_CLAIMED,

KYC_STATUS,

ACCOUNT_STATUS

accountId

string

required

The id of the account whose balance has changed

oldBalance

object

Show child attributes

oldBalance.amount

integer<int64>

required

Amount in the smallest unit of the currency (e.g., cents for USD/EUR, satoshis for BTC)

Example:

12550

oldBalance.currency

object

required

Show child attributes

oldBalance.currency.code

string

Three-letter currency code (ISO 4217) for fiat currencies. Some cryptocurrencies may use their own ticker symbols (e.g. "BTC" for Bitcoin, "USDC" for USDC, etc.)

Example:

"USD"

oldBalance.currency.name

string

Full name of the currency

Example:

"United States Dollar"

oldBalance.currency.symbol

string

Symbol of the currency

Example:

"$"

oldBalance.currency.decimals

integer

Number of decimal places for the currency

Required range: x >= 0

Example:

2

newBalance

object

Show child attributes

newBalance.amount

integer<int64>

required

Amount in the smallest unit of the currency (e.g., cents for USD/EUR, satoshis for BTC)

Example:

12550

newBalance.currency

object

required

Show child attributes

newBalance.currency.code

string

Three-letter currency code (ISO 4217) for fiat currencies. Some cryptocurrencies may use their own ticker symbols (e.g. "BTC" for Bitcoin, "USDC" for USDC, etc.)

Example:

"USD"

newBalance.currency.name

string

Full name of the currency

Example:

"United States Dollar"

newBalance.currency.symbol

string

Symbol of the currency

Example:

"$"

newBalance.currency.decimals

integer

Number of decimal places for the currency

Required range: x >= 0

Example:

2

customerId

string

The ID of the customer associated with the internal account

Example:

"Customer:019542f5-b3e7-1d02-0000-000000000001"

platformCustomerId

string

The ID of the customer as associated in your platform

Example:

"019542f5-b3e7-1d02-0000-000000000001"

Response

Webhook received successfully

Kyc customer status change Create an UMA invitation from a given platform customer.

⌘I

Using the API

API documentation

Account status notification webhook

Authentication

Account status

Authorizations

Body

Response