OAuth is in closed beta in production, and open beta in sandbox. Contact us to express interest in the production beta release.

Notification kinds

The notification kind, returned by calling kind on the notification object, reveals what triggered the webhook. The webhookNotification.kind for OAuth webhooks will be one of the following:

  • braintree.WebhookNotification.Kind.OAuthAccessRevoked

The following table describes the conditions that trigger each kind of webhook.

Notification Type Description

A connected merchant has revoked API access.


kind enum

The kind of webhook notification.

timestamp date

The UTC date/time at which the webhook was triggered.

merchantId string

The ID of the connected merchant.

oauthApplicationClientId string

The OAuth application client ID.

OAuth access revoked

Below is a full example of how to trigger a webhook when a connected merchant has revoked access to their account.

const gateway = new braintree.BraintreeGateway({
  publicKey: 'use_your_public_key',
  privateKey: 'use_your_private_key',
  merchantId: 'use_your_merchant_id',
  environment: braintree.Environment.Sandbox,

gateway.webhookNotification.parse(btSignature, btPayload, (err, notification) => {
  // braintree.notification.Kind.OAuthAccessRevoked

  // "merchant_id"
This code snippet creates a gateway instance using the latest version of the Node SDK. Learn more.