Webhooks, or push notifications, allow you to set up integrations that correspond with 'notifications' of certain key events happening on the Multigate platform.When one of the events described below is triggered, we send an HTTP POST command to the webhook's URL. This enables you to track transactions and state changes in a more efficient manner and automate communications internally or with your customers.
Send a request to Add a New Client Configuration to let us know your callback URL. This can also be configured on the web interface as shown in the screenshot below:
2
Listen for events
Webhook notifications will be sent as POST requests to your callback URL.
Webhooks sent by Multigate are authenticated with a unique secret shared exclusively between Multigate and our clients. This serves to guarantee the integrity of the information within the webhook.Our authentication method employs HMAC (Hashed Message Authentication Code) with two keys.The first key corresponds to the HTTP request body, while the second key is the secret key.
Create a hash by combining your secret key and the stringified JSON request body, and then compare it with the signature obtained from the "hash" header parameter of the request.If the hash produced by the Partner matches the value from "hash", the message is deemed valid. Otherwise, if there is no match, the message is considered invalid.An example implementation in node.js is provided below.