These code snippets provide functionality to verify the authenticity of webhook requests and to parse the payload data. It ensures that incoming webhook requests are from a trusted source by checking their signature and then processes the request data.
Copy
type PayoutWebhookEvent struct {Type stringRaw stringObject interface{}}func PayoutVerifyWebhookSignature(signature string, rawBody string, timestamp string) (*PayoutWebhookEvent, error) {signatureString := timestamp + rawBodyhmacInstance := hmac.New(sha256.New, []byte(*XClientSecret))hmacInstance.Write([]byte(signatureString))bytesData := hmacInstance.Sum(nil)generatedSignature := base64.StdEncoding.EncodeToString(bytesData)if generatedSignature == signature {var object interface{}err := json.Unmarshal([]byte(rawBody), &object)if err != nil {return nil, errors.New("something went wrong when unmarshalling raw body")}if objectAsMapInterface, ok := object.(map[string]interface{}); ok {if webhookType, ok := objectAsMapInterface["type"].(string); ok {return &PayoutWebhookEvent{Type: webhookType, Raw: rawBody, Object: object}, nil}}return &PayoutWebhookEvent{Type: "", Raw: rawBody, Object: object}, nil}return nil, errors.New("generated signature and received signature did not match")}
{ "data": { "transfer_id": "JUNOB2018", "cf_transfer_id": "123456", "status": "SUCCESS", "status_code": "COMPLETED", "status_description": "The transfer has been initiated via the partner bank successfully. The request is waiting to be processed at the beneficiary bank to do the credit to the end beneficiary.", "beneficiary_details": { "beneficiary_id": "JOHN18011", "beneficiary_instrument_details": { "bank_account_number": "7766671501729", "bank_ifsc": "SBIN0000003" } }, "transfer_amount": 1, "transfer_service_charge": 1, "transfer_service_tax": 0.18, "transfer_mode": "BANK", "transfer_utr": "TESTR92023012200543116", "fundsource_id": "CASHFREE_1", "added_on": "2021-11-24T13:39:25Z", "updated_on": "2021-11-24T13:40:27Z" }, "event_time": "2024-07-25T17:43:37", "type": "TRANSFER_ACKNOWLEDGED"}
Telr webhooks service does its best to deliver events to your webhook endpoint. It is best practice for your application to respond to the callback. Our webhook service may send many payloads to a single endpoint in quick succession. You will need to build an application and configure your server to receive the response we send when events get triggered during the payout process.Your server should return a 200 HTTP status code to acknowledge that you received the webhook without any issues. Any other information you return in the request headers or request body gets ignored. Any response code outside the 200 range, including 3xx codes, indicates that you did not receive the webhook.When Telr does not get the acknowledgement due to any reason, we retry to establish the communication at regular intervals. If we do not receive the response after few attempts, we gradually decrease the rate of retries. Based on this count, the service is disabled if it fails more than five times.If do not receive notifications from Cashfree Payments as expected, please fill out the Support Form.
When you decide to consume the webhooks, first, you need to verify if your systems need an IP whitelisting to be done at your end or not. Accordingly you can whitelist the below IPs of Telr:
Can I subscribe to webhooks V2 if I use Payout APIs as V1 and V1.2?
Yes, you can subscribe to Webhooks V2 even if you’re currently using Payout APIs v1 and v1.2.
Can I utilise webhooks V1 while using Payouts APIs V2?
Yes, you can typically subscribe to Webhooks V1 even if you’re using Payout APIs V2.
Are the webhook events CREDIT_CONFIRMATION, BENEFICIARY_INCIDENT, and LOW_BALANCE_ALERT, previously available in webhooks V1, still supported and deliverable in Webhooks V2?
Yes, you can continue to receive the CREDIT_CONFIRMATION, BENEFICIARY_INCIDENT, and LOW_BALANCE_ALERT webhook events even after subscribing to Webhooks V2.
