Revolut Business
Receive Revolut Business webhook events in Wexio flows
Wexio has native Revolut Business signature verification. Revolut signs with Revolut-Signature: v1=<hex> plus a Revolut-Request-Timestamp header (in milliseconds).
Provider docs: Setting up webhooks in Revolut Business
Setup
1. Create an inbound Wexio connection
Settings → Webhooks & API → New connection → Inbound. Use the Revolut Business preset (or pick Auth mode: Revolut manually).
Copy the Wexio endpoint URL.
2. Register the webhook in Revolut
In Revolut Business → Settings → APIs → Webhooks → Add webhook.
| Field | Value |
|---|---|
| URL | The Wexio endpoint URL |
| Events | Pick the events you care about |
Revolut shows the signing secret once — the moment you create the webhook. Copy it immediately. If you dismiss the dialog without copying, you'll have to delete and recreate the webhook in Revolut.
Paste the signing secret into Wexio's Signing secret field.
3. Configure contact resolution
| Identifier type | JSON path | Notes |
|---|---|---|
$.data.counterparty.email | If the payload carries a counterparty email |
For account-level events without an email, resolve to a static contact by hard-coding a fallback in the flow.
4. Capture the schema, bind a flow
Standard steps — Capture schema, trigger a test event, then add a Webhook Received trigger.
Timestamp Tolerance
±5 minutes. The timestamp Revolut sends is milliseconds since epoch (unlike Stripe/Slack/Paddle which use seconds); Wexio handles the conversion internally.
Troubleshooting
| Symptom | Fix |
|---|---|
UNAUTHORIZED: Revolut signature mismatch | You pasted the wrong value into Wexio. Rotate the webhook in Revolut to get a fresh secret |
| Lost the signing secret | Delete the webhook in Revolut and create a new one — they never show it twice |
UNAUTHORIZED: Revolut timestamp outside ±5 min tolerance | Check clock skew; old retries may be rejected |