{
  "id": "Webhook:019542f5-b3e7-1d02-0000-000000000007",
  "type": "INTERNAL_ACCOUNT.BALANCE_UPDATED",
  "timestamp": "2025-08-15T14:32:00Z",
  "data": {
    "id": "InternalAccount:019542f5-b3e7-1d02-0000-000000000005",
    "customerId": "Customer:019542f5-b3e7-1d02-0000-000000000001",
    "balance": {
      "amount": 10000,
      "currency": {
        "code": "USD",
        "name": "United States Dollar",
        "symbol": "$",
        "decimals": 2
      }
    },
    "fundingPaymentInstructions": [],
    "createdAt": "2025-08-01T10:00:00Z",
    "updatedAt": "2025-08-15T14:32:00Z"
  }
}

{
  "status": 400,
  "code": "INVALID_INPUT",
  "message": "<string>",
  "details": {}
}

Webhooks

Internal account status webhook

Webhook that is called when the status of an internal account changes. This includes balance updates and may include additional account events in the future. This endpoint should be implemented by clients of the Grid API.

Authentication

The webhook includes a signature in the X-Grid-Signature header that allows you to verify that the webhook was sent by Grid. To verify the signature:

Get the Grid public key provided to you during integration
Decode the base64 signature from the header
Create a SHA-256 hash of the request body
Verify the signature using the public key and the hash

If the signature verification succeeds, the webhook is authentic. If not, it should be rejected.

Event types

INTERNAL_ACCOUNT.BALANCE_UPDATED — Fired when the balance of an internal account changes. The data payload contains the full internal account object.

WEBHOOK

internal-account-status

{
  "id": "Webhook:019542f5-b3e7-1d02-0000-000000000007",
  "type": "INTERNAL_ACCOUNT.BALANCE_UPDATED",
  "timestamp": "2025-08-15T14:32:00Z",
  "data": {
    "id": "InternalAccount:019542f5-b3e7-1d02-0000-000000000005",
    "customerId": "Customer:019542f5-b3e7-1d02-0000-000000000001",
    "balance": {
      "amount": 10000,
      "currency": {
        "code": "USD",
        "name": "United States Dollar",
        "symbol": "$",
        "decimals": 2
      }
    },
    "fundingPaymentInstructions": [],
    "createdAt": "2025-08-01T10:00:00Z",
    "updatedAt": "2025-08-15T14:32:00Z"
  }
}

{
  "status": 400,
  "code": "INVALID_INPUT",
  "message": "<string>",
  "details": {}
}

Authorizations

X-Grid-Signature

string

header

required

Secp256r1 (P-256) asymmetric signature of the webhook payload, which can be used to verify that the webhook was sent by Grid. To verify the signature:

Get the Grid public key provided to you during integration
Decode the base64 signature from the header
Create a SHA-256 hash of the request body
Verify the signature using the public key and the hash

If the signature verification succeeds, the webhook is authentic. If not, it should be rejected.

Body

application/json

string

required

Unique identifier for this webhook delivery (can be used for idempotency)

Example:

"Webhook:019542f5-b3e7-1d02-0000-000000000007"

type

enum<string>

required

Status-specific event type in OBJECT.EVENT dot-notation (e.g., OUTGOING_PAYMENT.COMPLETED)

Available options:

INTERNAL_ACCOUNT.BALANCE_UPDATED

timestamp

string<date-time>

required

ISO 8601 timestamp of when the webhook was sent

Example:

"2025-08-15T14:32:00Z"

data

object

required

The resource object. Contains the full resource as the corresponding GET endpoint would return it.

Show child attributes

Response

Webhook received successfully

Kyc customer status change

⌘I

Using the API

API documentation

Internal account status webhook

Authentication

Event types

Authorizations

Body

Response