Webhooks Authorization

Generate Webhook Signature Token

Whitepay Webhooks utilizes Signature Token for signing Requests which sends to Webhook Targets, you can get your Signature Token on Settings page in CRM.

Whitepay Webhooks

Signature Validation

Each webhook request includes Signature header.

Security Tip

Before process data from Webhook's body, you should validate Signature header with locally signed payload.

const { HmacSHA256 } = require('crypto-js');
const payloadJson = JSON.stringify(payload)
const signature = HmacSHA256(payloadJson, secret).toString()

secret - Signature key from CRM Settings page

payload - Request body