Skip to main content

BRE-B disbursement events

When you create BRE-B disbursements, Wompi sends events to your webhook URL to notify you of the result of each transaction. BRE-B disbursement events use the same webhook mechanism as bank disbursements, but the payload includes additional information about the resolved BRE-B key.

tip

If you already have webhooks configured for bank disbursements, BRE-B events will arrive at the same URL. You only need to handle the additional structure of the payee object.

transaction.updated event for BRE-B

Triggered when a BRE-B transaction changes status. Unlike a bank transaction, the payee object includes the key, keyType, keyResolutionId and paymentMethodType fields.

Payload structure

{
"event": "transaction.updated",
"data": {
"transaction": {
"id": "7ee824ed-6450-49d8-8b4c-cca181414f5f",
"payoutId": "c57a05b0-646c-11f1-8436-6ca5ce550b83",
"amountInCents": 10,
"status": "FAILED",
"payee": {
"key": "@elias123",
"name": "Elias P",
"email": "test@wompi.com",
"keyType": "ALPHANUMERIC",
"legalId": "******4155",
"personType": "NATURAL",
"accountType": "AHORROS",
"legalIdType": "CC",
"accountNumber": "**2893",
"keyResolutionId": "c6dc06b0-646c-11f1-82b1-1bb0e4b41a19",
"paymentMethodType": "SAVING_ACCOUNT"
},
"failureReason": {
"code": "MOL-5021",
"description": "El monto ingresado es menor al mínimo permitido. El valor mínimo es $1."
},
"currency": "COP",
"appliedAt": "2026-06-10T01:36:25.264Z",
"createdAt": "2026-06-10T01:36:17.498Z"
}
},
"signature": {
"properties": [
"transaction.id",
"transaction.status",
"transaction.amountInCents"
],
"checksum": "a07af8b1201e58488b5b060651daa297d9a807282b83d13c763805e891197ab5"
},
"timestamp": 1781055385651,
"sentAt": "2026-06-10T01:36:25.871Z"
}

transaction object fields

FieldTypeDescription
idstring (UUID)Unique transaction identifier
payoutIdstring (UUID)Batch ID the transaction belongs to
amountInCentsintegerTransaction amount in COP cents
statusstringCurrent status: APPROVED, FAILED, REJECTED
payeeobjectBeneficiary information (see detail below)
failureReasonobjectFailure reason (only present if status is FAILED)
currencystringCurrency: COP
appliedAtstring (ISO 8601)Date when the status change was applied
createdAtstring (ISO 8601)Transaction creation date

payee object fields (BRE-B)

FieldTypeDescription
keystringBRE-B key used for the payment
namestringBeneficiary name
emailstringBeneficiary email
keyTypestringKey type: ALPHANUMERIC, MAIL, PHONE, IDENTIFICATION, ESTABLISHMENT_CODE
legalIdstringBeneficiary document (masked)
personTypestringPerson type: NATURAL, JURIDICA
accountTypestringResolved account type: AHORROS, CORRIENTE
legalIdTypestringDocument type: CC, CE, NIT, PP, TI
accountNumberstringAccount number (masked)
keyResolutionIdstring (UUID)BRE-B key resolution identifier
paymentMethodTypestringResolved payment method type: SAVING_ACCOUNT, CHECKING_ACCOUNT
Difference from bank transactions

In bank transactions, the payee object contains bank, document, accountType and accountNumber. In BRE-B, in addition to the resolved banking information, key, keyType, keyResolutionId and paymentMethodType are included.

failureReason object fields

Only present when status is FAILED:

FieldTypeDescription
codestringError code that caused the failure
descriptionstringHuman-readable description of the failure reason

Example: approved BRE-B transaction

{
"event": "transaction.updated",
"data": {
"transaction": {
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"payoutId": "c57a05b0-646c-11f1-8436-6ca5ce550b83",
"amountInCents": 150000,
"status": "APPROVED",
"payee": {
"key": "@juanperez",
"name": "Juan Perez",
"email": "juan@example.com",
"keyType": "ALPHANUMERIC",
"legalId": "******7890",
"personType": "NATURAL",
"accountType": "AHORROS",
"legalIdType": "CC",
"accountNumber": "**4321",
"keyResolutionId": "d7ed17c1-757d-22f2-93c2-2cc1f5c52b2a",
"paymentMethodType": "SAVING_ACCOUNT"
},
"currency": "COP",
"appliedAt": "2026-06-10T02:15:30.000Z",
"createdAt": "2026-06-10T02:15:00.000Z"
}
},
"signature": {
"properties": [
"transaction.id",
"transaction.status",
"transaction.amountInCents"
],
"checksum": "b18bg9c2312f69599c6c170762ebb398f715dfc527705dde674d901326b6ac93"
},
"timestamp": 1781055930000,
"sentAt": "2026-06-10T02:15:30.500Z"
}

Example: failed BRE-B transaction

{
"event": "transaction.updated",
"data": {
"transaction": {
"id": "7ee824ed-6450-49d8-8b4c-cca181414f5f",
"payoutId": "c57a05b0-646c-11f1-8436-6ca5ce550b83",
"amountInCents": 10,
"status": "FAILED",
"payee": {
"key": "@elias123",
"name": "Elias P",
"email": "test@wompi.com",
"keyType": "ALPHANUMERIC",
"legalId": "******4155",
"personType": "NATURAL",
"accountType": "AHORROS",
"legalIdType": "CC",
"accountNumber": "**2893",
"keyResolutionId": "c6dc06b0-646c-11f1-82b1-1bb0e4b41a19",
"paymentMethodType": "SAVING_ACCOUNT"
},
"failureReason": {
"code": "MOL-5021",
"description": "El monto ingresado es menor al mínimo permitido. El valor mínimo es $1."
},
"currency": "COP",
"appliedAt": "2026-06-10T01:36:25.264Z",
"createdAt": "2026-06-10T01:36:17.498Z"
}
},
"signature": {
"properties": [
"transaction.id",
"transaction.status",
"transaction.amountInCents"
],
"checksum": "a07af8b1201e58488b5b060651daa297d9a807282b83d13c763805e891197ab5"
},
"timestamp": 1781055385651,
"sentAt": "2026-06-10T01:36:25.871Z"
}

Signature validation

Signature validation for BRE-B events works exactly the same as for bank events. The properties used for the signature are:

  • transaction.id
  • transaction.status
  • transaction.amountInCents

Validation steps

  1. Extract the values of the properties listed in signature.properties, in order.
  2. Concatenate the values without separators.
  3. Concatenate the timestamp field.
  4. Concatenate your event secret.
  5. Generate the hash with SHA256.
  6. Compare with signature.checksum.

Example with the failed event above:

Properties: 7ee824ed-6450-49d8-8b4c-cca181414f5f + FAILED + 10
Timestamp: 1781055385651
Secret: prod_events_XXXXXXXXXX

String to hash: 7ee824ed-6450-49d8-8b4c-cca181414f5fFAILED101781055385651prod_events_XXXXXXXXXX

SHA256 → a07af8b1201e58488b5b060651daa297d9a807282b83d13c763805e891197ab5

📖 See complete signature validation guide

Retry policy

If your endpoint does not respond with an HTTP 2xx code, Wompi will retry sending up to 3 additional times.

AttemptBehavior
1Immediate send
2First retry
3Second retry
4Third and final retry

After the fourth failed attempt, the event is discarded. You can manually query the transaction status with GET /payouts/{payoutId}/transactions.

Common BRE-B failure codes

These are some codes that may appear in failureReason.code:

CodeDescription
MOL-5021The amount entered is less than the minimum allowed
C01The account does not exist or is inactive
C02Account closed
C03Account not found
C05Unauthorized debit

Endpoint requirements

  • Method: POST
  • Protocol: HTTPS mandatory
  • Accessibility: Publicly accessible from the internet
  • Response: HTTP 2xx code (ideally 200 OK)
  • Timeout: Respond in less than 10 seconds
  • Idempotency: Your endpoint must be idempotent (it may receive the same event more than once)

Event URL configuration

The webhook URL is configured from the Wompi dashboard:

  1. Go to Development > Developers
  2. Select Third-Party Payments
  3. Enter the public URL
  4. Save changes

The same URL receives both bank and BRE-B transaction events. Differentiate between them by checking for the presence of the payee.key field in the payload.

📖 See detailed configuration