6. Webhook Payload Authentication

This page goes into details of the authentication options available for your web hooks
There are two options available for payload verification:
Option 1 – Secret Key Authentication
Your webhook data payload will be sent along with a JWT token containing {secret: your_secret_key} as its payload. This token will be placed in the request header called x-payload-auth.
Option 2 – IP Whitelisting
It is recommended that you implement an IP whitelist to ensure that JSON payloads to your registered web hook are received only from the following authorized IPs.
IP1: Provided on request
IP2: Provided on request
Transaction notification payloads will be re-tried if your web hook response status code is other than 200. Re-trial will take place twice per hour and then stop at end of day (EOD).
NOTE: The http method for your web hook should be POST as it will be receiving a JSON payload

Webhook JSON Payload Sample

{
reference: "efc2-g2dd-fvvb"
amount: 100,
account_number: "4600577949",
originator_account_name: "Emeka Ajibade",
timestamp: "2021-06-30T23:48:49.197+00:00"
}