Debugging Worldpay Webhooks in ASP.NET Core

Source: Dev.to

Introduction

When integrating Worldpay in a production ASP.NET Core application, debugging webhook failures can be one of the hardest problems. Events arrive asynchronously, logs are often missing, and issues usually surface only after a payment dispute or a customer complaint. Proper event logging can save hours of debugging time.

Challenges with Worldpay Webhooks

• Asynchronous nature makes tracing difficult.
• Failures often appear only in production environments.
• Default logging does not capture the full event context.
• Disputes may arise days later without any history.
• Retried events are hard to correlate with original attempts.

Structured Logging Approach

In a production environment, webhook logging should be:

• Structured – store payloads in a consistent format.
• Comprehensive – include full event payloads, event type, timestamps, retry attempts, and correlation identifiers.
• Persisted – keep records for later audits, dispute analysis, and incident investigations.

Example: ASP.NET Core Endpoint

// POST endpoint to log payment events
[HttpPost("log-payment")]
public async Task LogPaymentEvent([FromBody] PaymentEvent paymentEvent)
{
    // Log the payment event
    await _paymentEventLogger.LogAsync(paymentEvent);
    return Ok("Payment event logged successfully!");
}

Logger Implementation

public async Task LogAsync(PaymentEvent paymentEvent)
{
    var eventRecord = new PaymentEvent
    {
        // Populate with provider, event type, status, reference IDs, timestamps, etc.
    };

    // Persist the complete Worldpay event payload and metadata
    await _repository.SaveAsync(eventRecord);
}

The logger persists the complete Worldpay event payload along with metadata such as provider, event type, status, reference identifiers, and timestamps. This makes it possible to reconstruct the full lifecycle of a payment event during audits, dispute investigations, or production incident analysis.

Persistence and Audit Features

• Database storage (e.g., SQL Server, PostgreSQL) for reliable retention.
• Indexing on correlation IDs and timestamps for fast lookup.
• Retention policies to comply with regulatory requirements.

Extended Version

The extended version of the logger includes additional audit capabilities, such as change tracking and export functions.

• GitHub repository (free version):
• Extended version with persistence and audit features: