Skip to main content

Outward Transfers

...

{
"event": "transfer_successful",
"data": {
  "transactionStatus": "successful",
  "sessionId": "sdsdsdsds343434343",
  "type": "debit",
  "runningBalance": 1000,
  "amount": 1000,
  "fee": 0
  }
}

Code

{
"event": "transfer_successful",
"data": {
  "transactionStatus": "successful",
  "sessionId": "sdsdsdsds343434343",
  "type": "debit",
  "runningBalance": 1000,
  "amount": 1000,
  "fee": 0
  }
}

To verify the outward transfer webhook notification:

  • Stringify the JSON data object received in the webhook request body

  • Hash the stringified request body object with your secret key using the sha256 hash

  • Compare the generated sha256 hash with the received X-Radix-Signature from the webhook request header to ensure authenticity

Use the provided NodeJS code snippet below to create a sha256 hash using your app secret

const stringifiedValue= JSON.stringify(body.data);
const result = crypto.createHmac('sha256', "your source-key").update(stringifiedValue).digest('hex');
//  Verify that the result string matches the headers security key
const isValidWebhook = result === request.headers['X-Radix-Signature']
/*
const body = {
  "event": "transfer_successful",
  "data": {
    "transactionStatus": "successful",
    "sessionId": "sdsdsdsds343434343",
    "type": "debit",
    "runningBalance": 1000,
    "amount": 1000,
    "fee": 0
  }
} // req.body
*/

Code

const stringifiedValue= JSON.stringify(body.data);
const result = crypto.createHmac('sha256', "your source-key").update(stringifiedValue).digest('hex');
//  Verify that the result string matches the headers security key
const isValidWebhook = result === request.headers['X-Radix-Signature']
/*
const body = {
  "event": "transfer_successful",
  "data": {
    "transactionStatus": "successful",
    "sessionId": "sdsdsdsds343434343",
    "type": "debit",
    "runningBalance": 1000,
    "amount": 1000,
    "fee": 0
  }
} // req.body
*/