Skip to main content

Overview

Webhooks allow your system to receive real-time updates from our platform. Instead of constantly checking (polling) for updates, we notify your system as soon as something happens — like a payment being made or a user completing a form. It’s like getting a text message when a delivery arrives, instead of refreshing the tracking page every 5 minutes!

How It Works

  1. You give us a webhook URL (an API endpoint on your server).
  2. We send a POST request to that URL when a payment is made.
  3. You process the transaction data on your end — e.g., mark an order as paid.
Here is simple example of a webhook URL

Sample Notification Payload

Whenever a wallet account receives a credit, your webhook endpoint will receive a JSON payload as seen to the right ->

Authenticating Webhook Notifications

All authentic webhook notifications will include the following HTTP headers:
To validate a webhook notification, follow these steps:

✅ Validation Steps

  1. Extract the following values from the headers and request body:
    • svix-id
    • svix-timestamp
    • svix-signature
    • Raw request body (unparsed string)
  2. Construct the signed payload by concatenating: =svix_id.svix_timestamp.body
  3. Compute the HMAC-SHA256 hash of the constructed payload using your signing secret as the key.
  4. Base64-encode the resulting hash.
  5. Compare the Base64-encoded hash with the signature in svix-signature (excluding the v1, prefix).