6. Webhook Payload Authentication

This page goes into details of the authentication options available for your web hook.

There are two options available for payload verification:

Option 1 – Secret Key Authentication

Your webhook data payload will be sent along with a JWT token containing {secret: your_secret_key} as its payload. This token will be placed in the request header called x-payload-auth.

Option 2 – IP Whitelisting

It is recommended that you implement an IP whitelist to ensure that JSON payloads to your registered web hook are received only from the following authorized IPs.

IP1: Provided on request

IP2: Provided on request

Transaction notification payloads will be re-tried if your web hook response status code is other than 200. Re-trial will take place twice per hour and then stop at end of day (EOD).

NOTE: The http method for your web hook should be POST as it will be receiving a JSON payload

Webhook JSON Payload Sample

    reference: "efc2-g2dd-fvvb"
    amount: 100,
    account_number: "4600577949",
    originator_account_name: "Emeka Ajibade",
    timestamp: "2021-06-30T23:48:49.197+00:00"

Last updated