Webhooks

Web hooks are a great way for Glyde to keep your application informed of changes that are happening in your account and transaction status updates.

When a transaction is initiated, it goes through the stages of pending, processing to failed or processed. In every of this stages we will notify the webhook URL that have submitted on your merchant account.

Webhook Setup

Log into your account, navigate to Settings > Api Kes & Webhook then update your webhook URL and copy the auto-generated crypto-graphically secure signing key.

Webhook URL

The webhook URL is a publicly accessible endpoint on your application/website that can receive a post request from Glyde. We will send updates about transactions to the endpoint.

Signing Key

The webhook signing key is a secure randomly generated string that we will use to encrypt the data we send to the webhook url. This is to ensure that the request originated from Glyde. The Signing key will be set on the webhook request header x-signature-hash to is sent to your webhook URL.

Signature Validation

<?php

if (strtoupper($_SERVER['REQUEST_METHOD']) != 'POST' || !in_array('HTTP_X_SIGNATURE_HASH', $_SERVER)) {
  exit();
}

// Get the input from the request.
$input = @file_get_contents("php://input");

// Replace SIGNING_KEY with the signing key form your account
define('GLYDE_SIGNING_KEY', 'SIGNING_KEY');

// Validate the authenticity of the data sent
if ($_SERVER['HTTP_X_SIGNATURE_HASH'] !== hash_hmac('sha256', $input, GLYDE_SIGNING_KEY)) {
  exit();
}

// Send an HTTP success response back to Glyde
http_response_code(200);

//Decode the json string and convert it to an associative array.
$event = json_decode($input, true);

// **(Optional Processing Placeholder):**
// Add your code here to process the data in the $event variable

exit();

import http.server
import hashlib
import json

class GlydeWebhookHandler(http.server.BaseHTTPRequestHandler):
    def do_POST(self):
        if self.path != '/':
            self.send_response(404)
            self.end_headers()
            return

        if 'x-signature-hash' not in self.headers:
            self.send_response(400)
            self.end_headers()
            self.wfile.write(b'Invalid request missing signature header.')
            return

        input_data = self.rfile.read(int(self.headers['Content-Length']))

        if not input_data:
            self.send_response(400)
            self.end_headers()
            self.wfile.write(b'Failed to read request body.')
            return

        # Replace 'SIGNING_KEY' with the actual signing key provided by Glyde
        GLYDE_SIGNING_KEY = b'SIGNING_KEY'

        # Validate the authenticity of the data sent
        if self.headers['x-signature-hash'].encode() != hashlib.sha256(input_data + GLYDE_SIGNING_KEY).hexdigest().encode():
            self.send_response(401)
            self.end_headers()
            self.wfile.write(b'Invalid signature.')
            return

        # Decode the JSON data
        try:
            event = json.loads(input_data.decode())
        except ValueError:
            self.send_response(400)
            self.end_headers()
            self.wfile.write(b'Invalid JSON format in request body.')
            return

        # Optional processing logic
        # Add your code here to process the event data

        self.send_response(200)
        self.end_headers()

if __name__ == '__main__':
    server_address = ('', 8000)
    httpd = http.server.HTTPServer(server_address, GlydeWebhookHandler)
    print('Server running on port 8000...')
    httpd.serve_forever()

const crypto = require('crypto');
const http = require('http');

const PORT = process.env.PORT || 3000; // Use environment variable for port or default to 3000
const GLYDE_SIGNING_KEY = 'YOUR_SIGNING_KEY'; // Replace with your actual signing key

const server = http.createServer((req, res) => {
  if (req.method !== 'POST' || !req.headers['http-x-signature-hash']) {
    res.statusCode = 400;
    res.end('Invalid request method or missing signature header.');
    return;
  }

  let inputData = '';
  req.on('data', (chunk) => {
    inputData += chunk.toString();
  });

  req.on('end', () => {
    const signature = req.headers['http-x-signature-hash'];
    const calculatedHash = crypto.createHmac('sha256', GLYDE_SIGNING_KEY)
      .update(inputData)
      .digest('hex');

    if (signature !== calculatedHash) {
      res.statusCode = 401;
      res.end('Invalid signature.');
      return;
    }

    res.statusCode = 200;
    res.end();

    // Parse JSON data (assuming it's in the request body)
    try {
      const event = JSON.parse(inputData);
      // Process the data in the 'event' object here
      console.log('Received event:', event);
    } catch (error) {
      console.error('Error parsing JSON:', error.message);
      // Handle JSON parsing error appropriately (e.g., send error response)
    }
  });
});

server.listen(PORT, () => {
  console.log(`Server listening on port ${PORT}`);
});

Event Types

{
  "event-type": "disbursement.processing",
  "data": {
    "transaction": {
      "id": 313,
      "reference": "f783845d-7af5-4886-885e-0f9c746ae2ed",
      "type": "debit",
      "type_description": "Lending payout",
      "amount": "50",
      "balance_after": "36895",
      "balance_before": "36895",
      "status": "processing",
      "merchant_reference": "f7888fe3-5d0f-47b9-a3d2-efad0cc3c19e",
      "payload": null,
      "narration": "Lending payout",
      "initiated_at": "2024-02-05 15:25:18",
      "process_at": null,
      "failed_at": null,
      "processed_at": null,
      "paid_at": null,
      "wallet_id": 1,
      "session_id": null,
      "created_at": "2024-02-05 15:25:18",
      "updated_at": "2024-02-05 15:25:18"
    }
  }
}

{
  "event-type": "disbursement.processed",
  "data": {
    "transaction": {
      "id": 313,
      "reference": "f783845d-7af5-4886-885e-0f9c746ae2ed",
      "type": "debit",
      "type_description": "Lending payout",
      "amount": "50",
      "balance_after": "36895",
      "balance_before": "36945",
      "status": "processed",
      "merchant_reference": "f7888fe3-5d0f-47b9-a3d2-efad0cc3c19e",
      "payload": null,
      "narration": "Lending payout",
      "initiated_at": "2024-02-05 15:25:18",
      "process_at": "1710345171",
      "failed_at": null,
      "processed_at": "2024-02-05 15:25:18",
      "paid_at": null,
      "wallet_id": 1,
      "session_id": null,
      "created_at": "2024-02-05 15:25:18",
      "updated_at": "2024-02-05 15:25:18"
    }
  }
}

{
  "event-type": "disbursement.failed",
  "data": {
    "transaction": {
      "id": 313,
      "reference": "f783845d-7af5-4886-885e-0f9c746ae2ed",
      "type": "debit",
      "type_description": "Lending payout",
      "amount": "50",
      "balance_after": "36895",
      "balance_before": "36895",
      "status": "failed",
      "merchant_reference": "f7888fe3-5d0f-47b9-a3d2-efad0cc3c19e",
      "payload": null,
      "narration": "Lending payout",
      "initiated_at": "2024-02-05 15:25:18",
      "process_at": null,
      "failed_at": null,
      "processed_at": null,
      "paid_at": null,
      "wallet_id": 1,
      "session_id": null,
      "created_at": "2024-02-05 15:25:18",
      "updated_at": "2024-02-05 15:25:18"
    }
  }
}

PreviousDisbursement

Last updated 10 months ago