Integration steps
Sign In
Integration steps
Step-by-step instructions for the technical integration of the chargeback system


Chargebackhit APIs conform to representational state transfer (REST) design principles. They have predictable resource-oriented URLs, accept json-encoded request bodies, return JSON-encoded responses, use standard HTTP response codes and authentication.

All data sent to Chargebackhit with the upload API must be in a JSON string format that is capable of parsing back to JSON.

The main steps of the integration are:

  • Technical integration with Chargebackhit
  • Testing:
    • Sandbox account
    • Production account
  • Account settings

Steps 1-2 are recommended to be performed by the developer and step 3 by the account holder.

Step 1 - Login Information

  • Receive an invitation to work email with account credentials for the merchant portal hub
  • Get API keys obtained from the “Settings” page
API keys - Public Key and Secret Key.

Step 2 - Notification URL

Create and provide notification URL for:

  • Sandbox account
  • Production account
You can also set and change URLs in the portal inside “Settings”.

Step 3 - Signature Creation

The value of a signature is a base64-encoded value of hash function SHA-512. For the encryption key, the Secret Key will be applied. The following string will be used for signature data:

public_key + requestJsonData + public_key

Step 4 - Signature Verification

The signature allows the merchant system to verify the source and the integrity of the notification details transmitted between the Merchant and Chargebackhit.

The merchant will apply the Public Key and Secret Key to calculate the signature.

Headers of each request are to be placed in the following additional fields:

Parameter Description Example
Signature of the request allows verifying whether the request is genuine. MjNiYjVj…ZhYmMxMzNiZDY=
Public Key
Unique identification, which will be shared at the moment of registration along with the Private Key. Account

Step 5 - Generate sandbox alerts

The merchant is initially configured for working via a test environment and can check the Integration with a set of test alerts, which can be generated manually in the sandbox account in the alerts section:

The merchant can go live after integration is completed, and UAT testing is passed.

Step 6 - Matching and response

To address the alerts (refund, provide the response, etc.), firstly, we need to match the alerts to the exact transaction in the merchant’s database/CRM.

It is a straightforward process, but in some cases, we need to apply a specific matching algorithm.


When integrating Chargebackhit into your workflows, you need to consider how long you can wait for a response from our system.

In an API-based service, timeouts define the total time available to process and respond to a request. By total time, we mean the time it takes for your request to get to our servers, be processed and responded to, and the response to return to your server.
The response time includes three main components:

  • Network latency: the delay in communicating over a network with our APIs.
  • Data enrichment: the time to get all the values for data enrichment. Since Chargebackhit has no control over third-party servers and data sources, response times may vary.
  • Matching Process: the time to process all rules and custom configurations in your account to create the full API response.

Response time of SLAs, for:

  • Inquiry - less than 2 seconds
  • Resolved - is irrelevant
  • Init-refund - is according to the rules (less than 24 hours)

Get started–>