VerifyMe API
  • Welcome
  • general
    • Getting Started
    • Introduction
    • Authentication
    • About Verifications
  • Identity verifications
    • Bank Verification Number (BVN)
    • Corporate Affairs Commission
    • Drivers License
    • Identity Biometrics
    • BVN Identity Matching
    • Virtual NIN (vNIN)
    • National Identification Number(NIN)
    • Tax Identification Number
    • Voters Card
  • Address Verification
  • Submit Address Verification
  • Get Address Verification By ID
  • Get Address Verifications
  • Cancel Address Verification
  • Fetch an Address By Identity
  • Business Verification
    • Submit Business Verification
    • Get Business Verification By ID
    • Get Business Verifications
    • Cancel Business Verification
  • Guarantor Verification
    • Submit Guarantor Verification
    • Get Guarantor Verifications
    • Get Guarantor Verification By ID
    • Cancel Guarantor Verification
  • employment Verification
    • Submit Employment History Verification
    • Get Employment History Verifications
    • Get Employment History Verification By ID
    • Cancel Employment History Verification
  • Property Verification
    • Submit Property Verification
  • Liveness Verification
  • LOCATION
    • Get Countries
    • Get Country By ID
    • Get State By ID
    • Get State For Country
    • Get Lga By Country
    • Get Lga By State
    • Get Lga By ID
  • Bank
    • Get Banks
    • Get Account Details
  • BVN NUBAN
    • Get Nuban Banks
    • Get BVN details by NUBAN
  • webhooks
    • About Webhooks
    • Verified Address
    • Verified Guarantor
    • Verified Employment History
    • Verified Property
  • Product statuses
  • Error Status Codes
  • Glossary
  • Widget Services
    • VerifyMe Liveness Widget
    • Requery Liveness Verification
Powered by GitBook
On this page
  • What are they?
  • Which Verifications require webhooks?
  • How do I add my webhook?
  • Webhook Signature

Was this helpful?

  1. webhooks

About Webhooks

🚀

PreviousGet BVN details by NUBANNextVerified Address

Last updated 3 years ago

Was this helpful?

What are they?

Webhooks are events we send to your pre-set endpoints via HTTP POST requests. They serve as a means of notification for when verification(s) has been completed.

Which Verifications require webhooks?

At the moment the following verifications require webhooks to be set:

  • Address Verification

  • Guarantor Verification

How do I add my webhook?

Webhooks can be added from your VerifyMe account dashboard

Webhook Signature

Webhook signatures are a means for you to verify if a webhook originated from our servers. All webhooks events have the x-verifyme-signature HTTP header which is a hash of the body of the request and your secret key.

Sample Code

const crypto = require('crypto')

// your api secretkey ( testSecretKey or liveSecretKey)
const secretKey= process.env.SECRET_KEY

const WebhookHandler = (req , res ) =>{
    const signature = crypto.createHmac('sha512', secretKey).update(JSON.stringify(res.body)).digest('hex');
    if(signature === req.headers['x-verifyme-signatue']){
        // Source of the webhook is verified , Add logic here
    }
}
import (
	"crypto/hmac"
	"crypto/sha512"
	"encoding/hex"
	"io/ioutil"
	"net/http"
	"os"
)

// your api secretkey ( testSecretKey or liveSecretKey)
var secret = os.Getenv("SECRET_KEY")

func WebhookHandler(w http.ResponseWriter, r *http.Request) {
	hash := hmac.New(sha512.New, []byte(secret))
	
	requestBody, _ := ioutil.ReadAll(r.Body)
	hash.Write(requestBody)
	sha := hex.EncodeToString(hash.Sum(nil))
	
	if sha == r.Header.Get("x-verifyme-signature") {
		// Source of the webhook is verified , Add logic here
	}
}
using System;
using System.Security.Cryptography;
using System.Text;
using Newtonsoft.Json.Linq;
namespace HMacExample
{
  class Program {
    static void Main(string[] args) {
      String key = "YOUR_SECRET_KEY"; //replace with your live or test secret key
      String jsonInput = "YOUR_WEBHOOK_PAYLOAD"; //JSON webhook payload gotten from your request handler
      String inputString = Convert.ToString(new JValue(jsonInput));
      String result = "";
      byte[] secretkeyBytes = Encoding.UTF8.GetBytes(key);
      byte[] inputBytes = Encoding.UTF8.GetBytes(inputString);
      using (var hmac = new HMACSHA512(secretkeyBytes))
      {
          byte[] hashValue = hmac.ComputeHash(inputBytes);
          result = BitConverter.ToString(hashValue).Replace("-", string.Empty);;
      }
      Console.WriteLine(result);
      String verifyMeSignature = ""; //put in the request's value for x-verifyme-signature
  
      if(result.ToLower().Equals(verifyMeSignature)) {
          // valid request from our servers
          
          // insert logic here
      } else {
          // if it gets to this block it it didnt come from verifyme servers
      }
    }
  }
}