Skip to main content

Inward Transfers

...

{
"sessionId": "000017231109105136876061534134",
"accountNumber": "6055014409",
"collectionAccountNumber"?: "0379013409", // field is only sent if payment was made to a collection account
"tranDateTime": "2023-11-09T09:52:42.000Z",
"currency": "NGN",
"narration": "0379013409 Payment Collected - SOURCE-",
"feeAmount": 0,
"transactionAmount": 100,
"settledAmount": 100,
"sourceBankName": "",
"sourceBankCode": "000017",
"sourceAccountName": "John Doe",
"sourceAccountNumber": "0233339531",
"reference": "TrmC32XQjL6uImP",
"type": "credit"
}

Code

{
"sessionId": "000017231109105136876061534134",
"accountNumber": "6055014409",
"collectionAccountNumber"?: "0379013409", // field is only sent if payment was made to a collection account
"tranDateTime": "2023-11-09T09:52:42.000Z",
"currency": "NGN",
"narration": "0379013409 Payment Collected - SOURCE-",
"feeAmount": 0,
"transactionAmount": 100,
"settledAmount": 100,
"sourceBankName": "",
"sourceBankCode": "000017",
"sourceAccountName": "John Doe",
"sourceAccountNumber": "0233339531",
"reference": "TrmC32XQjL6uImP",
"type": "credit"
}

To verify the inward transfer webhook notification:

  • Stringify the JSON received in the webhook request body

  • Hash the stringified request body object with your secret key using the sha256 hash

  • Compare the generated sha256 hash with the received X-Radix-Signature from the webhook request header to ensure authenticity

Use the provided NodeJS code snippet below to create a sha256 hash using your app secret

const stringifiedValue = JSON.stringify(body);
const result = crypto.createHmac('sha256', "your source-key").update(stringifiedValue).digest('hex');
//  Verify that the result string matches the headers security key  
const isValidWebhook = result === request.headers['X-Radix-Signature']
/*
const body = {
"sessionId": "000017231109105136876061534134",
"accountNumber": "6055014409",
"collectionAccountNumber"?: "0379013409", // field is only sent if payment was made to a collection account
"tranDateTime": "2023-11-09T09:52:42.000Z",
"currency": "NGN",
"narration": "0379013409 Payment Collected - SOURCE-",
"feeAmount": 0,
"transactionAmount": 100,
"settledAmount": 100,
"sourceBankName": "",
"sourceBankCode": "000017",
"sourceAccountName": "John Doe",
"sourceAccountNumber": "0233339531",
"reference": "TrmC32XQjL6uImP",
"type": "credit"
} // req.body
*/

Code

const stringifiedValue = JSON.stringify(body);
const result = crypto.createHmac('sha256', "your source-key").update(stringifiedValue).digest('hex');
//  Verify that the result string matches the headers security key  
const isValidWebhook = result === request.headers['X-Radix-Signature']
/*
const body = {
"sessionId": "000017231109105136876061534134",
"accountNumber": "6055014409",
"collectionAccountNumber"?: "0379013409", // field is only sent if payment was made to a collection account
"tranDateTime": "2023-11-09T09:52:42.000Z",
"currency": "NGN",
"narration": "0379013409 Payment Collected - SOURCE-",
"feeAmount": 0,
"transactionAmount": 100,
"settledAmount": 100,
"sourceBankName": "",
"sourceBankCode": "000017",
"sourceAccountName": "John Doe",
"sourceAccountNumber": "0233339531",
"reference": "TrmC32XQjL6uImP",
"type": "credit"
} // req.body
*/