- Near real-time updates
- Decoupled integrations
- Reliable reconciliation and operational traceability
Prerequisites
Before configuring webhooks, ensure you have:
- The Pix Indirect Plugin configured and running (see How indirect participation works)
- An HTTPS endpoint ready to receive webhook requests
- Basic understanding of Pix event lifecycle and transaction flows
Why webhooks matter in Pix
Pix is an asynchronous, multi-party system. Even when an API request succeeds, the final state of a transaction is only confirmed later, after settlement and counterparty acknowledgment. Webhooks allow your system to:
- Track authoritative transaction status
- React to refunds, reversals, and MED events
- Maintain ledger and operational consistency
- Reduce polling and operational overhead
Event types
You receive events grouped by flow and entity, aligned with BACEN (Banco Central do Brasil) domains.
| Flow | Entity | Description |
|---|---|---|
| DICT | CLAIM | Pix key portability and ownership claim events |
| DICT | INFRACTION_REPORT | MED (Mecanismo Especial de Devolução) infraction reports and dispute lifecycle |
| DICT | REFUND | MED refund request events |
| DICT | FUNDS_RECOVERY | MED 2.0 Funds Recovery entity status changes (DB-backed) |
| DICT | FUNDS_RECOVERY_EVENT | MED 2.0 Funds Recovery lifecycle events (pass-through) |
| TRANSFER | CASHIN | Incoming Pix payment status updates |
| TRANSFER | CASHOUT | Outgoing Pix payment status updates |
| REFUND | CASHIN | Incoming Pix refund status updates |
| REFUND | CASHOUT | Outgoing Pix refund status updates |
The two MED 2.0 entities behave differently:
FUNDS_RECOVERY is emitted after the plugin updates its local record, while FUNDS_RECOVERY_EVENT is a pass-through of BTG lifecycle events with no database update. See MED 2.0 — Funds Recovery for the full flow.DICT (Diretório de Identificadores de Contas Transacionais) is the BACEN directory that manages Pix keys and related operations like claims, infractions, and refunds.
Webhook configuration
You enable webhooks by configuring destination URLs and selecting which event types your system should receive.
Environment variables
You can configure webhook endpoints at entity, flow, or global level.
| Flow | Entity | Entity-level URL variable |
|---|---|---|
| DICT | CLAIM | WEBHOOK_DICT_CLAIM_URL |
| DICT | INFRACTION_REPORT | WEBHOOK_DICT_INFRACTION_REPORT_URL |
| DICT | REFUND | WEBHOOK_DICT_REFUND_URL |
| TRANSFER | CASHIN | WEBHOOK_TRANSFER_CASHIN_URL |
| TRANSFER | CASHOUT | WEBHOOK_TRANSFER_CASHOUT_URL |
| REFUND | CASHIN | WEBHOOK_REFUND_CASHIN_URL |
| REFUND | CASHOUT | WEBHOOK_REFUND_CASHOUT_URL |
WEBHOOK_DICT_URL, WEBHOOK_TRANSFER_URL, and WEBHOOK_REFUND_URL.
URL resolution priority
When multiple URLs are configured, the system resolves them in the following order:
-
Entity-level URL
Example:
WEBHOOK_DICT_CLAIM_URL -
Flow-level URL
Example:
WEBHOOK_DICT_URL -
Default URL
WEBHOOK_DEFAULT_URL
Request format
Headers
Every webhook request includes standardized headers for traceability and security.
| Header | Description |
|---|---|
Content-Type | application/json |
X-Request-ID | Unique request identifier |
X-Entity-Type | Event entity (e.g. INFRACTION_REPORT) |
X-Flow-Type | Source domain (e.g. DICT) |
Idempotency-Key | Unique event identifier for deduplication |
Body structure
| Field | Description |
|---|---|
entityType | Event entity |
flowType | Pix domain |
payload | Event-specific data |
Responses and retry behavior
Expected response
Your endpoint must return an HTTP 2xx status to confirm successful delivery.
| Response | Result |
|---|---|
| 2xx | Delivered successfully |
| Non-2xx | Retried automatically |
Retry strategy
Failed deliveries are retried automatically using exponential backoff:
| Attempt | Delay |
|---|---|
| 1 | 1 second |
| 2 | 2 seconds |
| 3 | 4 seconds |
- Max retries: 3
- Timeout per request: 30 seconds
Custom retry settings
Retries and timeouts can be customized per event:Circuit breaker protection
To prevent cascading failures, webhook delivery is protected by a circuit breaker. When the Pix Plugin detects repeated delivery failures (typically consecutive
5xx responses or timeouts), it temporarily pauses webhook calls to the affected endpoint.
After a configurable cooldown period, the system performs controlled retry attempts to check if the endpoint has recovered.
Once successful responses are detected, normal delivery is automatically resumed.
This mechanism ensures:
- Protection against overloaded or unstable endpoints
- Graceful recovery without manual intervention
- Higher overall system stability in production environments
Circuit breaker behavior works alongside retries and exponential backoff, adding an extra safety layer for webhook delivery.
Transport errors and orphan events
A delivery attempt can fail at the transport layer (connection refused, DNS failure, TLS handshake error) before any HTTP status is returned. These failures are persisted as orphan events rather than lost, so they remain visible for operational follow-up and reprocessing instead of silently disappearing. When handling refund events, note that
originalEndToEndId is the canonical key for all refund lookups. The plugin now resolves refunds from both the cash-in → refund and cash-out → refund directions using this field, so always key refunds by originalEndToEndId (the original transfer’s end-to-end ID) rather than assuming a single, direction-specific lookup path.
Internal transaction reports (intra-PSP)
Intra-PSP (P2P) transfers are settled internally and never reach BTG for settlement, but they are still reported to BACEN via the TRCK002 abstraction. BTG confirms report status through a CAMT025 webhook carrying the entity
PixInternalTransactionsReport.
| Field | Description |
|---|---|
pactualId | BTG-assigned report identifier |
clientRequestId | Your idempotency key, sent during report submission |
entity | Always PixInternalTransactionsReport |
status | PROCESSING, CONFIRMED, or ERROR |
errorCode / errorDescription | Populated when status = ERROR |
cashout.completed/cashout.failed, cashin.completed, and the refund equivalents). For the full internal flow, see Intra-PSP transfers.
Best practices
| Practice | Why it matters |
|---|---|
| Ignore unknown fields | Remain forward-compatible as new fields are added |
| Idempotent processing | Use Idempotency-Key to avoid processing duplicates |
| Fast acknowledgment | Return 202 Accepted and process asynchronously |
| Async processing | Avoid blocking the webhook thread |
| Handle compression | Payloads >1KB are gzip-compressed. Check the Content-Encoding header and decompress accordingly |
Event examples
Below are representative examples of webhook payloads you receive from the Pix Indirect Plugin. Expand each entry to view its payload.
DICT claim
DICT claim
Ownership or portability lifecycle events. Use these to track Pix key disputes across institutions.
DICT infraction report (MED)
DICT infraction report (MED)
Dispute and fraud signaling events aligned with BACEN MED rules.
DICT refund (MED)
DICT refund (MED)
Refund requests and decisions related to MED cases.
DICT funds recovery (MED 2.0)
DICT funds recovery (MED 2.0)
Funds Recovery entity status changes. The plugin updates its local record before forwarding the full entity.Lifecycle events arrive as
entityType: FUNDS_RECOVERY_EVENT (pass-through, no DB update), with event values such as FUNDS_RECOVERY_ANALYSED and FUNDS_RECOVERY_COMPLETED.Transfer cash-in and cash-out
Transfer cash-in and cash-out
Incoming and outgoing Pix transfer events.Cash-in (incoming transfer):Cash-out (outgoing transfer):
Refund cash-in and cash-out
Refund cash-in and cash-out
Refund settlement events for Pix transactions.Refund cash-in (receiving a refund):Refund cash-out (sending a refund):
Key takeaway
Webhooks are not optional in Pix Indirect operations. They are the authoritative channel for transaction state, refunds, and dispute handling. A correct webhook implementation ensures:
- Accurate reconciliation
- Regulatory compliance
- Operational resilience
- Predictable customer experience
Next steps
Now that you understand how webhooks work in Indirect Pix, explore these related topics:
- Pix main domains: transfers - Deep dive into transfer operations
- Pix main domains: DICT - Understanding DICT operations and key management
- Pix main domains: MED - MED dispute and refund handling
- MED 2.0 — Funds Recovery - Cross-account fraud recovery and its webhooks
- Intra-PSP transfers - Internal P2P settlement and TRCK002 reporting
- API reference — Full API documentation for DICT, Claims, Transactions, QR Codes, and MED operations

