Verify Webhook Signature

The Verify Webhook Signature endpoint allows you to validate the authenticity and integrity of webhook events sent by Payiano to your server. By using this endpoint, you can ensure that the payload has not been tampered with and is indeed from Payiano. This validation process involves comparing the HMAC signature included in the webhook request headers with a computed signature using your signature secret.

Implementing this verification step in your webhook handling process helps maintain the security and reliability of your integrations, ensuring that only legitimate data is processed by your system. This robust security measure safeguards your application against potential malicious activities and data breaches, providing peace of mind that your webhook data is authentic and secure.

POST/webhooks/verify_signature

Sandbox: https://api.payiano.dev/v1/webhooks/verify_signature

Live: https://api.payiano.com/v1/webhooks/verify_signature

Security

Authorization header with access token is required to access this endpoint: Bearer ACCESS-TOKEN
Your access token should be associated to this permission webhook_signature_verify

Request

Request body schema:

application/json

Request body:

webhook_event_id `required`	webhook_event_id `required` Type: `ulid` This attribute contains the unique identifier for the webhook event. It is the value provided in the X-Payiano-Webhook-Event-Id header. This ID helps to uniquely identify and correlate the webhook event for which the signature verification is being requested.
webhook_event_attempt_id `required`	webhook_event_attempt_id `required` Type: `ulid` This attribute contains the unique identifier for the specific attempt to deliver the webhook event. It is the value provided in the X-Payiano-Webhook-Event-Attempt-Id header. This ID helps to uniquely identify and track the individual attempt of the webhook event delivery.
signature `required`	signature `required` Type: `string` This attribute contains the HMAC signature of the webhook event. It is the value provided in the X-Payiano-Webhook-Signature header. This signature is used to verify the integrity and authenticity of the webhook event payload.
payload `required`	payload `required` Type: `json` This attribute contains the JSON string payload of the webhook event. The payload includes all the event details that were sent in the webhook request body. It should be the exact payload received from Payiano API without any modifications, as it is used to compute and verify the signature.

Response

200

Response schema:

application/json

Response body:

status

Type: boolean

This value indicates whether the webhook signature verification was successful or not.

Response sample:

1
{ 2 "status": true 3}